cbcvebase.

Online Enrollment Management System Project Online Enrollment Management System vulnerabilities

4 known vulnerabilities affecting online_enrollment_management_system_project/online_enrollment_management_system.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2021-40577P4MEDIUMCVSS 5.4PoCv1.02021-11-08
CVE-2021-40577 [MEDIUM] CWE-79 CVE-2021-40577: A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Managem A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.
nvd
CVE-2021-44599P3HIGHCVSS 7.5v1.02021-12-23
CVE-2021-44599 [HIGH] CWE-89 CVE-2021-44599: The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was
nvd
CVE-2021-40578P3HIGHCVSS 7.2v1.02021-12-07
CVE-2021-40578 [HIGH] CWE-89 CVE-2021-40578: Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Ma Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter.
nvd
CVE-2021-40579P3MEDIUMCVSS 6.5v1.02021-12-28
CVE-2021-40579 [MEDIUM] CWE-639 CVE-2021-40579: https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Co https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges (remote).
nvd
Online Enrollment Management System Project Online Enrollment Management System vulnerabilities | cvebase