Aggregates CVE and security vulnerability intelligence across all online_enrollment_management_system_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk sql injection and vendor risk cross-site scripting; exposure may include vendor impact data exposure in vendor surface production workloads contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-40579 | https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges (remote). | [email protected] | 6.5 | 0.84% | 2021-12-28 | 2026-06-17 |
| CVE-2021-44599 | The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve sensitive information for all users of this system. | [email protected] | 7.5 | 1.21% | 2021-12-23 | 2026-06-17 |
| CVE-2021-40578 | Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter. | [email protected] | 7.2 | 1.48% | 2021-12-07 | 2026-06-17 |
| CVE-2021-40577 | A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter. | [email protected] | 5.4 | 1.64% | 2021-11-08 | 2026-06-17 |