MidnightBSD

Advisories for online_student_enrollment_system_project

CVE-2022-46502

Online Student Enrollment System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /student_enrollment/admin/login.php.

Products Affected

Vendor Product Version
online_student_enrollment_system_project online_student_enrollment_system 1.0
CVE-2022-46503

A cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student Enrollment System v1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected into the name parameter.

Products Affected

Vendor Product Version
online_student_enrollment_system_project online_student_enrollment_system 1.0