34 matches found
Arox School ERP Pro 代码问题漏洞
Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of Arox School ERP Pro has code-related vulnerabilities. These vulnerabilities stem from a file upload vulnerability in the message attachment function, which allows students to upload any PH...
Arox School ERP Pro SQL注入漏洞
Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of School ERP Pro has a SQL injection vulnerability. This vulnerability stems from the esmessagesid parameter, which allows attackers to inject custom SQL statements through GET requests. As ...
Arox School ERP Pro 代码问题漏洞
Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of Arox School ERP Pro has a code vulnerability. This vulnerability stems from improper file validation in the pre-editstudent.inc.php file. It allows authenticated administrator users to...
EUVD-2017-7394
Malware in sbrugna...
EUVD-2022-53367
Malicious code in bioql PyPI...
CVE-2022-32119
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
CVE-2022-32118
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
CVE-2019-13294
AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...
CVE-2022-32119
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
CVE-2022-32118
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
CVE-2022-32118
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
Cross site scripting
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
CVE-2022-32118
The CVE-2022-32118 entry concerns Arox School ERP Pro v1.0, where a cross-site scripting (XSS) vulnerability exists in the backoffice.inc.php file, exploitable via the dispatchcategory parameter. The issue is triggered by unsanitized input passed to dispatchcategory, enabling potentially crafted ...
CVE-2022-32118
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
EUVD-2022-53368
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
CVE-2022-32119
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
AROX School-ERP Pro 代码问题漏洞
AROX School-ERP Pro is a web-based school management system. The system includes functions such as curriculum management, attendance management, financial management, human resource management and examination management. A security vulnerability exists in AROX School-ERP Pro v1.0, which can be...
AROX School-ERP Pro 跨站脚本漏洞
AROX School-ERP Pro is a web-based school management system. The system includes functions such as course management, attendance management, financial management, human resource management and examination management. A security vulnerability exists in AROX School-ERP Pro v1.0, which originates fr...
CVE-2019-13294
AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...
CVE-2019-13294
AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...