Casap Automated Enrollment System Project

Casap Automated Enrollment System

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-33485

  • EPSS 0.38%
  • Veröffentlicht 14.05.2024 18:15:11
  • Zuletzt bearbeitet 11.11.2025 18:15:34

SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component

6.1

CVE-2021-40261

Exploit
  • EPSS 0.33%
  • Veröffentlicht 08.11.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:23:47

Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) user_username and (2) category parameters in save_class.php, the (3) firstname, (4) class, and (5) status parameters in stud...

9.8

CVE-2021-26223

Exploit
  • EPSS 0.51%
  • Veröffentlicht 22.07.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:55:56

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.

6.1

CVE-2021-27332

Exploit
  • EPSS 0.29%
  • Veröffentlicht 22.07.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:57:48

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php.

9.8

CVE-2021-26226

Exploit
  • EPSS 0.51%
  • Veröffentlicht 22.07.2021 18:15:23
  • Zuletzt bearbeitet 21.11.2024 05:55:56

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.

6.1

CVE-2021-26227

Exploit
  • EPSS 0.22%
  • Veröffentlicht 22.07.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:55:56

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php.

9.8

CVE-2021-26228

Exploit
  • EPSS 0.62%
  • Veröffentlicht 22.07.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:55:57

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php.

9.8

CVE-2021-26229

Exploit
  • EPSS 0.51%
  • Veröffentlicht 22.07.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:55:57

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php.

6.1

CVE-2021-26230

Exploit
  • EPSS 0.22%
  • Veröffentlicht 22.07.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:55:57

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php.

5.4

CVE-2021-27129

Exploit
  • EPSS 0.18%
  • Veröffentlicht 15.04.2021 12:15:13
  • Zuletzt bearbeitet 11.11.2025 18:15:33

CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students > Edit > ROUTE parameter.