📦 Dino Physics School Assistant

This vulnerability allows attackers to execute arbitrary SQL commands through the id parameter in the /admin/category/view_category.php file in Diño Physics School Assistant. This affects all users r...

This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in Diño Physics School Assistant version 2.3. Attackers can manipulate the 'id' parameter in the /classes/Users.php?f=save ...

This vulnerability allows attackers to execute arbitrary SQL commands through the id parameter in Diño Physics School Assistant. It affects all users of version 2.3 who have access to the vulnerable ...

This vulnerability allows attackers to inject malicious scripts via the 'name' parameter in the /classes/SystemSettings.php?f=update_settings endpoint in Diño Physics School Assistant version 2.3. Wh...

This vulnerability allows attackers to inject malicious scripts via the 'id' parameter in Diño Physics School Assistant, resulting in cross-site scripting (XSS). It affects users of version 2.3 who a...

This vulnerability allows attackers to execute arbitrary SQL commands through the 'id' parameter in Diño Physics School Assistant version 2.3. Attackers can potentially read, modify, or delete databa...

This vulnerability allows attackers to perform SQL injection attacks on Diño Physics School Assistant version 2.3 by manipulating the 'id' parameter in the /classes/Master.php?f=view_category endpoin...