CVE-2026-4991

A vulnerability was detected in QDOCS Smart School Management System up to 7.2. The impacted element is an unknown function of the file /admin/enquiry of the component Admission Enquiry Module. Performing a manipulation of the argument Note results in cross site scripting. The attack is possible ...

CVE-2026-4991 QDOCS Smart School Management System Admission Enquiry enquiry cross site scripting

A vulnerability was detected in QDOCS Smart School Management System up to 7.2. The impacted element is an unknown function of the file /admin/enquiry of the component Admission Enquiry Module. Performing a manipulation of the argument Note results in cross site scripting. The attack is possible ...

QDocs Smart School Management System 代码注入漏洞

QDocs Smart School Management System is a smart community-building system developed by QDocs Corporation. Versions of the QDOCS Smart School Management System prior to 7.2 contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of parameters in the...

CVE-2024-34240

QDOCS Smart School 7.0.0 is vulnerable to Cross Site Scripting XSS resulting in arbitrary code execution in admin functions related to adding or updating records...

QDOCS Smart School 跨站脚本漏洞

QDOCS Smart School is a smart school management system from QDOCS, Inc. A cross-site scripting vulnerability exists in QDOCS Smart School version 7.0, which stems from insufficient input validation of the parameters firstname, lastname, and guardianname in the file/onlineadmission, and could lead...

CVE-2025-60500

QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permits uploading of arbitrary PHP files, which are stored in a...

CVE-2025-60500

QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permits uploading of arbitrary PHP files, which are stored in a...

EUVD-2024-34706

Malicious code in bioql PyPI...

EUVD-2024-49416

Malicious code in bioql PyPI...

EUVD-2023-57809

Malicious code in bioql PyPI...

CVE-2024-8784

A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. Affected by this vulnerability is an unknown functionality of the file /user/chat/mynewuser of the component Chat. The manipulation of the argument users with the input...

CVE-2023-5495

A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata0title/searchdata0searchfield/searchdata0searchvalue...

CVE-2024-8784

A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. Affected by this vulnerability is an unknown functionality of the file /user/chat/mynewuser of the component Chat. The manipulation of the argument users with the input...

CVE-2024-8784 QDocs Smart School Management System Chat mynewuser sql injection

A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. Affected by this vulnerability is an unknown functionality of the file /user/chat/mynewuser of the component Chat. The manipulation of the argument users with the input...

CVE-2024-8784

CVE-2024-8784 affects QDocs Smart School Management System 7.0.0, specifically the Chat component at /user/chat/mynewuser. The vulnerability arises from manipulation of the POST parameter users[] that leads to SQL injection (exploitation described as remote). Publicly disclosed exploit exists; im...

QDocs Smart School Management System SQL注入漏洞

QDocs Smart School Management System is a smart group building system from QDocs, Inc. A SQL injection vulnerability exists in QDocs Smart School Management System version 7.0.0, which originates from a parameter in the file /user/chat/mynewuser that can lead to SQL injection...

PT-2024-39250 · Unknown · Qdocs Smart School Management System

Name of the Vulnerable Software and Affected Versions: QDocs Smart School Management System version 7.0.0 Description: A critical vulnerability was found in the QDocs Smart School Management System. The issue affects an unknown functionality of the file /user/chat/mynewuser of the component Chat...

CVE-2024-34240

QDOCS Smart School 7.0.0 is vulnerable to Cross Site Scripting XSS resulting in arbitrary code execution in admin functions related to adding or updating records...

CVE-2024-34240

QDOCS Smart School 7.0.0 is vulnerable to Cross Site Scripting XSS resulting in arbitrary code execution in admin functions related to adding or updating records...

CVE-2024-34240

QDOCS Smart School 7.0.0 is vulnerable to Cross Site Scripting XSS resulting in arbitrary code execution in admin functions related to adding or updating records...