Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection. This issue affects Education Ma
Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) allows Parameter Injection. This is
A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Pa
An authenticated parameter injection vulnerability exists in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated user to
A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized databas
Authorization Bypass Through User-Controlled Key vulnerability in MeCODE Informatics and Engineering Services Ltd. Envanty allows Parameter Injection. This issue affects Envanty: before 1.0.6.   N
CVE-2026-4104
CRITICAL CVSS 9.8
Find Similar
Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: fr
Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4.
CVE-2025-0987
CRITICAL CVSS 9.9
Find Similar
Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection. This issue affects CVLand: from 2.1.0 through 20251103. NOTE: The vendor was c
A vulnerability was found in code-projects Admission Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php of the component Login. The
A security vulnerability has been detected in itsourcecode School Management System 1.0. This issue affects some unknown processing of the file /enrollment/index.php. Such manipulation of the argument
CVE-2024-54923
CRITICAL CVSS 9.8
Find Similar
A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized d
CVE-2025-59737
CRITICAL CVSS 9.3
Find Similar
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The rela
A vulnerability, which was classified as critical, has been found in code-projects Online Class and Exam Scheduling System 1.0. This issue affects some unknown processing of the file /pages/activate.p
School Management System CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows attackers to bypass authentication by injecting SQL code through the username para
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file manage_user.php. The manipul
Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam Registration allows Exploitation of Trusted Identifiers. This issue affects Online Exam Registration: befo
Authorization Bypass Through User-Controlled Key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Exploitation of Tru
A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing authe
CVE-2024-54920
CRITICAL CVSS 9.8
Find Similar
A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized databa
Page 1+ Next →