Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
engineers online portal project engineers online portal - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-42668
A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.php web page.. As a result, an attacker can extract sensitive data from the web server and in some cases can use this vulnerability in order to get a re...
Engineers Online Portal Project Engineers Online Portal -
2 Github repositories
9.8
CVSSv3
CVE-2021-42669
A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. Once an avatar gets uploaded it is getting uploaded to the /admin/uploads/ directory, and is accessible by a...
Engineers Online Portal Project Engineers Online Portal -
2 Github repositories
9.8
CVSSv3
CVE-2021-42670
A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_student.php web page. As a result a malicious user can extract sensitive data from the web server and in some cases use this vulnerability in order to g...
Engineers Online Portal Project Engineers Online Portal -
2 Github repositories
7.5
CVSSv3
CVE-2021-42671
An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server witho...
Engineers Online Portal Project Engineers Online Portal -
2 Github repositories
9.8
CVSSv3
CVE-2023-5282
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seed_message_student.php. The manipulation of the argument teacher_id leads to sql injection. The attack can be initiated...
Engineers Online Portal Project Engineers Online Portal 1.0
8.8
CVSSv3
CVE-2023-5283
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teacher_signup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiat...
Engineers Online Portal Project Engineers Online Portal 1.0
8.8
CVSSv3
CVE-2023-5284
A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file upload_save_student.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to launch the atta...
Engineers Online Portal Project Engineers Online Portal 1.0
9.8
CVSSv3
CVE-2023-5276
A vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The iden...
Engineers Online Portal Project Engineers Online Portal 1.0
9.8
CVSSv3
CVE-2023-5277
A vulnerability, which was classified as critical, has been found in SourceCodester Engineers Online Portal 1.0. This issue affects some unknown processing of the file student_avatar.php. The manipulation of the argument change leads to unrestricted upload. The attack may be init...
Engineers Online Portal Project Engineers Online Portal 1.0
9.8
CVSSv3
CVE-2023-5278
A vulnerability, which was classified as critical, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remote...
Engineers Online Portal Project Engineers Online Portal 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »