Zerowdd Studentmanager vulnerabilities

CVE-2026-2201 [MEDIUM] CWE-79 CVE-2026-2201: A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cross site scripting. The attack may be initiated remotely. T

CVE-2025-3587 [MEDIUM] CWE-266 CVE-2025-3587: A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This v A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-13143 [MEDIUM] CWE-79 CVE-2024-13143: A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issu A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The exploit has been d

CVE-2024-13133 [MEDIUM] CWE-284 CVE-2024-13133: A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. Thi A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The expl

CVE-2024-13134 [MEDIUM] CWE-284 CVE-2024-13134: A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit

CVE-2024-13142 [MEDIUM] CWE-79 CVE-2024-13142: A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This v A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller/RoleController. java. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely.

CVE-2023-39094 [MEDIUM] CWE-79 CVE-2023-39094: Cross Site Scripting vulnerability in ZeroWdd studentmanager v.1.0 allows a remote attacker to execu Cross Site Scripting vulnerability in ZeroWdd studentmanager v.1.0 allows a remote attacker to execute arbitrary code via the username parameter in the student list function.