This page lists publicly disclosed CVE vulnerabilities affecting oretnom23 student_grading_system (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-10421 | A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /update_account.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. | [email protected] | 2.1 | 0.06% | 2025-09-15 | 2026-04-29 |
| CVE-2025-10420 | A vulnerability was detected in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /form137.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. | [email protected] | 2.1 | 0.06% | 2025-09-15 | 2026-04-29 |
| CVE-2025-10419 | A security vulnerability has been detected in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /del_promote.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | [email protected] | 2.1 | 0.06% | 2025-09-15 | 2026-04-29 |
| CVE-2025-10418 | A weakness has been identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_students.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. | [email protected] | 2.1 | 0.06% | 2025-09-15 | 2026-04-29 |
| CVE-2025-10409 | A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. | [email protected] | 2.1 | 0.06% | 2025-09-14 | 2026-04-29 |
| CVE-2025-10408 | A security flaw has been discovered in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /edit_user.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. | [email protected] | 2.1 | 0.06% | 2025-09-14 | 2026-04-29 |
| CVE-2025-10407 | A vulnerability was identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_user.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | [email protected] | 2.1 | 0.06% | 2025-09-14 | 2026-04-29 |
| CVE-2022-28026 | Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=student_p&id=. | [email protected] | 9.8 | 0.35% | 2022-04-21 | 2025-09-19 |
| CVE-2022-28025 | Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=school_year. | [email protected] | 9.8 | 0.35% | 2022-04-21 | 2025-09-19 |
| CVE-2022-28024 | Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=grade. | [email protected] | 9.8 | 0.35% | 2022-04-21 | 2025-09-19 |
| CVE-2022-27304 | Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via the user parameter. | [email protected] | 9.8 | 0.30% | 2022-04-05 | 2025-09-19 |