casap_automated_enrollment_system_project CVE Vulnerabilities & Metrics

Focus on casap_automated_enrollment_system_project vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About casap_automated_enrollment_system_project Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with casap_automated_enrollment_system_project. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total casap_automated_enrollment_system_project CVEs: 11
Earliest CVE date: 09 Feb 2021, 00:15 UTC
Latest CVE date: 08 Nov 2021, 21:15 UTC

Latest CVE reference: CVE-2021-40261

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical casap_automated_enrollment_system_project CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 5.61

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	4
7.0-8.9	5
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS casap_automated_enrollment_system_project CVEs

These are the five CVEs with the highest CVSS scores for casap_automated_enrollment_system_project, sorted by severity first and recency.

CVE-2021-26223 casap_automated_enrollment_system_project Published on 22 Jul 2021, 19:15 UTC (CVSS: 7.5)
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.
CVE-2021-26226 casap_automated_enrollment_system_project Published on 22 Jul 2021, 18:15 UTC (CVSS: 7.5)
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.
CVE-2021-26229 casap_automated_enrollment_system_project Published on 22 Jul 2021, 17:15 UTC (CVSS: 7.5)
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php.
CVE-2021-26228 casap_automated_enrollment_system_project Published on 22 Jul 2021, 17:15 UTC (CVSS: 7.5)
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php.
CVE-2021-26201 casap_automated_enrollment_system_project Published on 15 Feb 2021, 21:15 UTC (CVSS: 7.5)
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.

All CVEs for casap_automated_enrollment_system_project

CVE-2021-40261 casap_automated_enrollment_system_project vulnerability CVSS: 4.3 08 Nov 2021, 21:15 UTC

Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) user_username and (2) category parameters in save_class.php, the (3) firstname, (4) class, and (5) status parameters in student_table.php, the (6) category and (7) class_name parameters in add_class1.php, the (8) fname, (9) mname,(10) lname, (11) address, (12) class, (13) gfname, (14) gmname, (15) glname, (16) rship, (17) status, (18) transport, and (19) route parameters in add_student.php, the (20) fname, (21) mname, (22) lname, (23) address, (24) class, (25) fgname, (26) gmname, (27) glname, (28) rship, (29) status, (30) transport, and (31) route parameters in save_stud.php,the (32) status, (33) fname, and (34) lname parameters in add_user.php, the (35) username, (36) firstname, and (37) status parameters in users.php, the (38) fname, (39) lname, and (40) status parameters in save_user.php, and the (41) activity_log, (42) aprjun, (43) class, (44) janmar, (45) Julsep,(46) octdec, (47) Students and (48) users parameters in table_name.

CVE-2021-27332 casap_automated_enrollment_system_project vulnerability CVSS: 4.3 22 Jul 2021, 19:15 UTC

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php.

CVE-2021-26223 casap_automated_enrollment_system_project vulnerability CVSS: 7.5 22 Jul 2021, 19:15 UTC

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.

CVE-2021-26226 casap_automated_enrollment_system_project vulnerability CVSS: 7.5 22 Jul 2021, 18:15 UTC

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.

CVE-2021-26230 casap_automated_enrollment_system_project vulnerability CVSS: 4.3 22 Jul 2021, 17:15 UTC

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php.

CVE-2021-26229 casap_automated_enrollment_system_project vulnerability CVSS: 7.5 22 Jul 2021, 17:15 UTC

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php.

CVE-2021-26228 casap_automated_enrollment_system_project vulnerability CVSS: 7.5 22 Jul 2021, 17:15 UTC

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php.

CVE-2021-26227 casap_automated_enrollment_system_project vulnerability CVSS: 4.3 22 Jul 2021, 17:15 UTC

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php.

CVE-2021-27129 casap_automated_enrollment_system_project vulnerability CVSS: 3.5 15 Apr 2021, 12:15 UTC

CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students > Edit > ROUTE parameter.

CVE-2021-26201 casap_automated_enrollment_system_project vulnerability CVSS: 7.5 15 Feb 2021, 21:15 UTC

The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.

CVE-2021-3294 casap_automated_enrollment_system_project vulnerability CVSS: 3.5 09 Feb 2021, 00:15 UTC

CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website.