Vulnerabilities (CVE)

Filtered by vendor Kashipara Subscribe
Filtered by product Student Information System
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-5011 1 Kashipara 1 Student Information System 2024-11-21 N/A 9.8 CRITICAL
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursename' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-5010 1 Kashipara 1 Student Information System 2024-11-21 N/A 9.8 CRITICAL
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-5007 1 Kashipara 1 Student Information System 2024-11-21 N/A 9.8 CRITICAL
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.