Lucene search
CVE-2024-4824
Vulnerability in School ERP Pro+Responsive 1.0 allows remote SQL injection via '/SchoolERP/office_admin/' inde
Show more
| Reporter | Title | Published | Views | Family All 3 |
|---|---|---|---|---|
 | CVE-2024-4824 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION | 13 May 202411:29 | – | cvelist |
 | CVE-2024-4824 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION | 13 May 202411:29 | – | vulnrichment |
 | CVE-2024-4824 | 14 May 202415:45 | – | nvd |
Node
[
{
"defaultStatus": "unaffected",
"product": "School ERP Pro+Responsive",
"vendor": "AROX SOLUTION",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| groups_id | query param | /SchoolERP/office_admin/ | SQL injection vulnerability that allows attackers to manipulate SQL queries. | CWE-89 |
| examname | query param | /SchoolERP/office_admin/ | SQL injection vulnerability that allows attackers to manipulate SQL queries. | CWE-89 |
| classes_id | query param | /SchoolERP/office_admin/ | SQL injection vulnerability that allows attackers to manipulate SQL queries. | CWE-89 |
| es_voucherid | query param | /SchoolERP/office_admin/ | SQL injection vulnerability that allows attackers to manipulate SQL queries. | CWE-89 |
| es_class | query param | /SchoolERP/office_admin/ | SQL injection vulnerability that allows attackers to manipulate SQL queries. | CWE-89 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo14 May 2024 15:45Current
7.3High risk
Vulners AI Score7.3
CVSS39.8
EPSS0.00194
SSVC