Filtered by vendor Vishalmathur
Subscriptions
Filtered by product Cloudclassroom-php Project
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-46178 | 1 Vishalmathur | 1 Cloudclassroom-php Project | 2025-07-02 | 6.1 Medium |
Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement. | ||||
CVE-2025-46179 | 1 Vishalmathur | 1 Cloudclassroom-php Project | 2025-06-26 | 9.8 Critical |
A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries. | ||||
CVE-2025-45542 | 1 Vishalmathur | 1 Cloudclassroom-php Project | 2025-06-13 | 7.3 High |
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries. | ||||
CVE-2024-57459 | 1 Vishalmathur | 1 Cloudclassroom-php Project | 2025-06-13 | 7.3 High |
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands. | ||||
CVE-2024-57423 | 1 Vishalmathur | 1 Cloudclassroom-php Project | 2025-04-07 | 6.1 Medium |
A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function. |
Page 1 of 1.