Dino Physics School Assistant Project

Dino Physics School Assistant

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-35359

Exploit
  • EPSS 0.16%
  • Veröffentlicht 30.05.2024 17:15:34
  • Zuletzt bearbeitet 21.11.2024 09:20:12

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_item. Manipulating the argument id can result in SQL injection.

9.8

CVE-2024-35349

Exploit
  • EPSS 0.66%
  • Veröffentlicht 30.05.2024 17:15:33
  • Zuletzt bearbeitet 21.11.2024 09:20:10

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/view_category.php. Manipulating the argument id can result in SQL injection.

9.8

CVE-2024-35350

Exploit
  • EPSS 0.19%
  • Veröffentlicht 30.05.2024 17:15:33
  • Zuletzt bearbeitet 11.04.2025 16:14:33

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/view_borrow. Manipulating the argument id can result in SQL injection.

5.4

CVE-2024-35351

  • EPSS 0.33%
  • Veröffentlicht 30.05.2024 17:15:33
  • Zuletzt bearbeitet 11.04.2025 16:14:40

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=update_settings. Manipulating the parameter name results in cross-site script...

6.1

CVE-2024-35352

Exploit
  • EPSS 0.53%
  • Veröffentlicht 30.05.2024 17:15:33
  • Zuletzt bearbeitet 11.04.2025 15:16:59

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting.

9.8

CVE-2024-35353

Exploit
  • EPSS 0.5%
  • Veröffentlicht 30.05.2024 17:15:33
  • Zuletzt bearbeitet 11.04.2025 15:16:54

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization.

5.4

CVE-2024-35345

Exploit
  • EPSS 0.29%
  • Veröffentlicht 30.05.2024 16:15:10
  • Zuletzt bearbeitet 11.04.2025 16:15:02

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts unidentified code within the file /classes/Users.php. Manipulating the argument id results in cross-site scripting.

9.8

CVE-2024-35354

Exploit
  • EPSS 0.29%
  • Veröffentlicht 30.05.2024 16:15:10
  • Zuletzt bearbeitet 11.04.2025 16:14:58

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_category. Manipulating the argument id can result in SQL injection.

9.8

CVE-2024-35355

Exploit
  • EPSS 0.29%
  • Veröffentlicht 30.05.2024 16:15:10
  • Zuletzt bearbeitet 11.04.2025 16:14:54

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_category. Manipulating the argument id can result in SQL injection.

6.3

CVE-2024-35356

Exploit
  • EPSS 0.18%
  • Veröffentlicht 30.05.2024 16:15:10
  • Zuletzt bearbeitet 11.04.2025 16:14:48

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_item. Manipulating the argument id can result in SQL injection.