Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
casap automated enrollment system project casap automated enrollment system 1.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-3294
CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
9.8
CVSSv3
CVE-2021-26201
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
9.8
CVSSv3
CVE-2021-26223
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the id parameter to view_pay.php.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
9.8
CVSSv3
CVE-2021-26226
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the id parameter to edit_user.php.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
6.1
CVSSv3
CVE-2021-26227
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote malicious users to inject arbitrary web script or HTML via the student information parameters to edit_stud.php.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
9.8
CVSSv3
CVE-2021-26228
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the id parameter to edit_class1.php.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
9.8
CVSSv3
CVE-2021-26229
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote malicious users to execute arbitrary SQL statements, via the id parameter to edit_stud.php.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
6.1
CVSSv3
CVE-2021-27332
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote malicious users to inject arbitrary web script or HTML via the class_name parameter to update_class.php.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
6.1
CVSSv3
CVE-2021-26230
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote malicious users to inject arbitrary web script or HTML via the user information to save_user.php.
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
6.1
CVSSv3
CVE-2021-40261
Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) user_username and (2) category parameters in save_class.php, the (3) firstname, (4) class, and (5) status parameters in student_table.php, the (6) categor...
Casap Automated Enrollment System Project Casap Automated Enrollment System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started