Shodan
Vulnerabilities
Vulnerable Software
College Management System Project:  >> College Management System  Security Vulnerabilities
CVE-2024-7681
A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-08-12
CVE-2022-39179
College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-11-17
CVE-2022-39180
College Management System v1.0 - SQL Injection (SQLi). By inserting SQL commands to the username and password fields in the login.php page
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-17
CVE-2022-32420
College Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file.
CVSS Score
8.8
EPSS Score
0.422
Published
2022-07-01
CVE-2022-30404
College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-13
CVE-2022-28079
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.
CVSS Score
8.8
EPSS Score
0.835
Published
2022-05-05
CVE-2020-25408
A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores, location, and article data.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-05-24
CVE-2020-25409
Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-05-24
CVE-2020-26051
College Management System Php 1.0 suffers from SQL injection vulnerabilities in the index.php page from POST parameters 'unametxt' and 'pwdtxt', which are not filtered before passing a SQL query.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-02-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved