Vulnerabilities > Imsurajghosh

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-08	CVE-2023-5008	SQL Injection vulnerability in Imsurajghosh Student Information System 1.0 Student Information System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'regno' parameter of index.php page, allowing an external attacker to dump all the contents of the database contents and bypass the login control. network low complexity imsurajghosh CWE-89 critical	9.8
2023-12-07	CVE-2023-4122	Unrestricted Upload of File with Dangerous Type vulnerability in Imsurajghosh Student Information System 1.0 Student Information System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'photo' parameter of my-profile page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application. network low complexity imsurajghosh CWE-434	8.8

Vulnerabilities > Imsurajghosh {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Imsurajghosh"}]}