Lucene search
K

30 matches found

CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

Arox School ERP Pro SQL注入漏洞

Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of School ERP Pro has a SQL injection vulnerability. This vulnerability stems from the esmessagesid parameter, which allows attackers to inject custom SQL statements through GET requests. As ...

9.8CVSS5.8AI score0.00335EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

Arox School ERP Pro 代码问题漏洞

Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of Arox School ERP Pro has a code vulnerability. This vulnerability stems from improper file validation in the pre-editstudent.inc.php file. It allows authenticated administrator users to...

8.6CVSS6.1AI score0.00814EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2017-7394

Malware in sbrugna...

9.8CVSS9.4AI score0.02652EPSS
Exploits5References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-53367

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00948EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 p.m.7 views

CVE-2022-32119

Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...

8.8CVSS7.7AI score0.01608EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:56 p.m.10 views

CVE-2022-32118

Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...

6.1CVSS6.2AI score0.00948EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 a.m.7 views

CVE-2019-13294

AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...

10CVSS7.5AI score0.18753EPSS
Exploits1References1
NVD
NVD
added 2022/07/15 12:15 p.m.25 views

CVE-2022-32118

Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...

6.1CVSS0.00948EPSS
Exploits1References2
Prion
Prion
added 2022/07/15 12:15 p.m.18 views

Cross site scripting

Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...

5.8CVSS6AI score0.00948EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/07/15 11:13 a.m.29 views

CVE-2022-32118

Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...

6.2AI score0.00948EPSS
Exploits1References2
CVE
CVE
added 2022/07/15 11:13 a.m.69 views

CVE-2022-32118

The CVE-2022-32118 entry concerns Arox School ERP Pro v1.0, where a cross-site scripting (XSS) vulnerability exists in the backoffice.inc.php file, exploitable via the dispatchcategory parameter. The issue is triggered by unsanitized input passed to dispatchcategory, enabling potentially crafted ...

6.1CVSS6AI score0.00948EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2022/07/15 11:13 a.m.6 views

EUVD-2022-53368

Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...

8.8CVSS9AI score0.01608EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/07/15 11:13 a.m.29 views

CVE-2022-32119

Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...

9.1AI score0.01608EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/07/15 12:0 a.m.4 views

AROX School-ERP Pro 代码问题漏洞

AROX School-ERP Pro is a web-based school management system. The system includes functions such as curriculum management, attendance management, financial management, human resource management and examination management. A security vulnerability exists in AROX School-ERP Pro v1.0, which can be...

8.8CVSS8AI score0.01608EPSS
Exploits1References4
NVD
NVD
added 2019/07/04 11:15 p.m.14 views

CVE-2019-13294

AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...

10CVSS9.8AI score0.18753EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/07/04 10:9 p.m.23 views

CVE-2019-13294

AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...

9.8AI score0.18753EPSS
Exploits1References2
0day.today
0day.today
added 2019/06/18 12:0 a.m.198 views

AROX School-ERP Pro - Unauthenticated Remote Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/06/17 12:0 a.m.135 views

AROX School-ERP Pro Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...

1AI score
Exploits0
exploitpack
exploitpack
added 2019/06/17 12:0 a.m.19 views

AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit)

AROX School-ERP Pro - Unauthenticated Remote Command Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Descriptio...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2019/06/17 12:0 a.m.133 views

AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...

7.4AI score
Exploits0
Rows per page
Query Builder