Filtered by vendor Casap Automated Enrollment System Project
Subscribe
Filtered by product Casap Automated Enrollment System
Subscribe
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40261 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-11-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) user_username and (2) category parameters in save_class.php, the (3) firstname, (4) class, and (5) status parameters in student_table.php, the (6) category and (7) class_name parameters in add_class1.php, the (8) fname, (9) mname,(10) lname, (11) address, (12) class, (13) gfname, (14) gmname, (15) glname, (16) rship, (17) status, (18) transport, and (19) route parameters in add_student.php, the (20) fname, (21) mname, (22) lname, (23) address, (24) class, (25) fgname, (26) gmname, (27) glname, (28) rship, (29) status, (30) transport, and (31) route parameters in save_stud.php,the (32) status, (33) fname, and (34) lname parameters in add_user.php, the (35) username, (36) firstname, and (37) status parameters in users.php, the (38) fname, (39) lname, and (40) status parameters in save_user.php, and the (41) activity_log, (42) aprjun, (43) class, (44) janmar, (45) Julsep,(46) octdec, (47) Students and (48) users parameters in table_name. | |||||
| CVE-2021-27332 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-07-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php. | |||||
| CVE-2021-26223 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php. | |||||
| CVE-2021-26226 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php. | |||||
| CVE-2021-26229 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php. | |||||
| CVE-2021-26230 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-07-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php. | |||||
| CVE-2021-26228 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php. | |||||
| CVE-2021-26227 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-07-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php. | |||||
| CVE-2021-27129 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-04-19 | 3.5 LOW | 5.4 MEDIUM |
| CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students > Edit > ROUTE parameter. | |||||
| CVE-2021-26201 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page. | |||||
| CVE-2021-3294 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2021-02-17 | 3.5 LOW | 5.4 MEDIUM |
| CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website. | |||||