30 matches found
Arox School ERP Pro SQL注入漏洞
Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of School ERP Pro has a SQL injection vulnerability. This vulnerability stems from the esmessagesid parameter, which allows attackers to inject custom SQL statements through GET requests. As ...
Arox School ERP Pro 代码问题漏洞
Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of Arox School ERP Pro has a code vulnerability. This vulnerability stems from improper file validation in the pre-editstudent.inc.php file. It allows authenticated administrator users to...
EUVD-2017-7394
Malware in sbrugna...
EUVD-2022-53367
Malicious code in bioql PyPI...
CVE-2022-32119
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
CVE-2022-32118
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
CVE-2019-13294
AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...
CVE-2022-32118
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
Cross site scripting
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
CVE-2022-32118
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the dispatchcategory parameter in backoffice.inc.php...
CVE-2022-32118
The CVE-2022-32118 entry concerns Arox School ERP Pro v1.0, where a cross-site scripting (XSS) vulnerability exists in the backoffice.inc.php file, exploitable via the dispatchcategory parameter. The issue is triggered by unsanitized input passed to dispatchcategory, enabling potentially crafted ...
EUVD-2022-53368
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
CVE-2022-32119
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
AROX School-ERP Pro 代码问题漏洞
AROX School-ERP Pro is a web-based school management system. The system includes functions such as curriculum management, attendance management, financial management, human resource management and examination management. A security vulnerability exists in AROX School-ERP Pro v1.0, which can be...
CVE-2019-13294
AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...
CVE-2019-13294
AROX School-ERP Pro has a command execution vulnerability. importstud.php and uploadfille.php do not have session control. Therefore an unauthenticated user can execute a command on the system...
AROX School-ERP Pro - Unauthenticated Remote Command Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...
AROX School-ERP Pro Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...
AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit)
AROX School-ERP Pro - Unauthenticated Remote Command Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Descriptio...
AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...