Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Online Enrollment Management System Project Subscribe
Filtered by product Online Enrollment Management System
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40579 1 Online Enrollment Management System Project 1 Online Enrollment Management System 2022-01-07 4.0 MEDIUM 6.5 MEDIUM
https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges (remote).
CVE-2021-44599 1 Online Enrollment Management System Project 1 Online Enrollment Management System 2022-01-04 5.0 MEDIUM 7.5 HIGH
The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve sensitive information for all users of this system.
CVE-2021-40578 1 Online Enrollment Management System Project 1 Online Enrollment Management System 2021-12-16 6.5 MEDIUM 7.2 HIGH
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter.
CVE-2021-40577 1 Online Enrollment Management System Project 1 Online Enrollment Management System 2021-12-03 3.5 LOW 5.4 MEDIUM
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.