Search Results | AttackerKB

Show filters

Topics 5 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

5 Total Results

Displaying 1-5 of 5

Attacker Value

Unknown

CVE-2022-28026

Disclosure Date: April 21, 2022 (last updated October 07, 2023)

Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=student_p&id=.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-28025

Disclosure Date: April 21, 2022 (last updated October 07, 2023)

Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=school_year.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-28024

Disclosure Date: April 21, 2022 (last updated October 07, 2023)

Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=grade.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2022-27304

Disclosure Date: April 05, 2022 (last updated February 23, 2025)

Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via the user parameter.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-41658

Disclosure Date: January 24, 2022 (last updated February 23, 2025)

Cross Site Scripting (XSS) in Sourcecodester Student Quarterly Grading System by oretnom23, allows attackers to execute arbitrary code via the fullname and username parameters to the users page.

Attack Vector: Network Privileges: Low User Interaction: Required

0