Kashipara Online Exam System 安全漏洞

Kashipara Online Exam System is an online exam system from Kashipara. A security vulnerability exists in version V1.0 of the kashipara Online Exam System, which originates from unvalidated parameters rname, rcollage, rnumber, rgender, and rpassword in the /exam/user/profile.php page, which could...

CVE-2024-41251

An Incorrect Access Control vulnerability was found in /smsa/adminteacherregisterapproval.php and /smsa/adminteacherregisterapprovalsubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration...

CVE-2024-41243

An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...

CVE-2024-46334

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting XSS via the formuser and formpassword parameters in /adminLogin.php...

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version 1.0, which originates from an unvalidated parameter in clientuser/feedback.php and could lead to a cross-site...

EUVD-2024-38987

Malicious code in bioql PyPI...

CVE-2024-41248

An Incorrect Access Control vulnerability was found in /smsa/addsubject.php and /smsa/addsubjectsubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry...

CVE-2024-0271

A vulnerability has been found in Kashipara Food Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file addmaterialedit.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-26158

A Stored Cross-Site Scripting XSS vulnerability was discovered in the manage-employee.php page of Kashipara Online Attendance Management System V1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the department parameter...

CVE-2024-54928

kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteteacher.php,...

CVE-2024-54921

A SQL Injection was found in /studentsignup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username, firstname, lastname, and classid parameters...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the firstname, lastname,...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the username, firstname,...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to gain unauthorized access to the database by executing arbitrary SQL commands via the...

CVE-2024-50828

A SQL Injection vulnerability was found in /admin/editdepartment.php in kashipara E-learning Management System Project 1.0 via the d parameter...

CVE-2024-50840

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the classname parameter...

PT-2024-30169 · Unknown · Kashipara Music Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: An Incorrect Access Control issue was found in the "/music/ajax.php?action=delete genre" API endpoint. This allows an unauthenticated attacker to delete valid music genre entries...

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which originates from an SQL injection vulnerability in the username parameter of the /smsa/adminlogin.php...

Kashipara Music Management System 安全漏洞

Kashipara Music Management System is a music management system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Music Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the title and description parameters of...

PT-2024-30137 · Unknown · Kashipara Hotel Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: The issue concerns an Unrestricted File Upload vulnerability, allowing Remote Code Execution RCE through the /admin/add room controller.php endpoint. This means an attacker can upload...