Web-Based Student Clearance System Project Web-Based Student Clearance System vulnerabilities
7 known vulnerabilities affecting web-based_student_clearance_system_project/web-based_student_clearance_system.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM6
Vulnerabilities
Page 1 of 1
CVE-2022-45224MEDIUMCVSS 4.8v1.02022-11-28
CVE-2022-45224 [MEDIUM] CWE-79 CVE-2022-45224: Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulne
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in Admin/add-admin.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter.
nvd
CVE-2022-45221MEDIUMCVSS 4.8v1.02022-11-28
CVE-2022-45221 [MEDIUM] CWE-79 CVE-2022-45221: Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulne
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in changepassword.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtnew_password parameter.
nvd
CVE-2022-45223MEDIUMCVSS 4.8v1.02022-11-28
CVE-2022-45223 [MEDIUM] CWE-79 CVE-2022-45223: Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulne
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /Admin/add-student.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter.
nvd
CVE-2022-43076MEDIUMCVSS 4.8v1.02022-11-01
CVE-2022-43076 [MEDIUM] CWE-79 CVE-2022-43076: A cross-site scripting (XSS) vulnerability in /admin/edit-admin.php of Web-Based Student Clearance S
A cross-site scripting (XSS) vulnerability in /admin/edit-admin.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtemail parameter.
nvd
CVE-2022-43078MEDIUMCVSS 4.8v1.02022-11-01
CVE-2022-43078 [MEDIUM] CWE-79 CVE-2022-43078: A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Web-Based Student Clearance Syst
A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter.
nvd
CVE-2022-3436HIGHCVSS 7.5v1.02022-10-09
CVE-2022-3436 [MEDIUM] CWE-266 CVE-2022-3436: A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance Syste
A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerabil
nvd
CVE-2022-3434MEDIUMCVSS 5.4v1.02022-10-08
CVE-2022-3434 [LOW] CWE-707 CVE-2022-3434: A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as problematic. Affected by this issue is the function prepare of the file /Admin/add-student.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifi
nvd