Remyandrade Student Grades Management System vulnerabilities

5 known vulnerabilities affecting remyandrade/student_grades_management_system.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2025-64070MEDIUMCVSS 5.4v1.02025-12-02
CVE-2025-64070 [MEDIUM] CWE-79 CVE-2025-64070: Sourcecodester Student Grades Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in Sourcecodester Student Grades Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in the Add New Subject Description field.
nvd
CVE-2025-63892MEDIUMCVSS 6.8v1.02025-11-18
CVE-2025-63892 [MEDIUM] CWE-79 CVE-2025-63892: A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is t A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroom.php of the component My Classrooms Management Page. This manipulation of the argument name/description causes stored cross site scripting.
nvd
CVE-2025-13349MEDIUMCVSS 5.1v1.02025-11-18
CVE-2025-13349 [MEDIUM] CWE-79 CVE-2025-13349: A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue af A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the publ
nvd
CVE-2025-12332MEDIUMCVSS 4.8v1.02025-10-28
CVE-2025-12332 [MEDIUM] CWE-79 CVE-2025-12332: A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the funct A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function delete_user of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used.
nvd
CVE-2025-11485MEDIUMCVSS 4.8v1.02025-10-08
CVE-2025-11485 [MEDIUM] CWE-79 CVE-2025-11485: A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is t A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function add_user of the file /admin.php of the component Manage Users Page. This manipulation of the argument first_name/last_name causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be
nvd