📦 Simple Scheduling System

This vulnerability allows remote attackers to execute arbitrary SQL commands via the starttime/endtime parameters in the /addtime.php file of Simple Scheduling System 1.0. Attackers can potentially re...

This vulnerability allows remote attackers to execute arbitrary SQL commands via the 'corcode' parameter in the /schedulingsystem/addcourse.php file in Simple Scheduling System 1.0. Attackers can pote...

CVE-2025-11105 is an SQL injection vulnerability in code-projects Simple Scheduling System 1.0 affecting the /schedulingsystem/addsubject.php file. Attackers can manipulate the 'subcode' parameter to ...

Simple Scheduling System 1.0 contains a stored XSS vulnerability in the Subject Description field that allows attackers to inject malicious scripts. When users view scheduled items containing the mali...