5 matches found
CVE-2024-4824 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...
CVE-2024-4824 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...
CVE-2024-4823 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...
CVE-2024-4822 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...
CVE-2024-4822 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...