44 matches found
EUVD-2024-44133
Malicious code in bioql PyPI...
EUVD-2024-44287
Malicious code in bioql PyPI...
EUVD-2024-31513
Malicious code in bioql PyPI...
EUVD-2024-44312
Malicious code in bioql PyPI...
CVE-2024-5231
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/teachersalarydetails.php. The manipulation of the argument index leads to sql injection. The attack may be...
CVE-2024-4646
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /view/studentpaymentdetails.php. The manipulation of the argument index leads to cross site scripting. It is possible to launc...
PT-2025-4074 · Unknown · Campcodes School Management
Name of the Vulnerable Software and Affected Versions: CampCodes School Management Software version 1.0 Description: A critical issue has been found in the Staff Handler component, specifically in an unknown function of the file "/edit-staff/". This leads to improper authorization and can be...
CampCodes School Management Software 代码注入漏洞
CampCodes School Management Software is a school management software from CampCodes, Inc. A code injection vulnerability exists in version 1.0 of CampCodes School Management Software, which stems from the parameter Notice in the file /notice-list and can lead to cross-site scripting...
CVE-2025-0581
A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the...
CVE-2025-0559
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...
CVE-2024-33800
A SQL injection vulnerability in /model/getstudent1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...
CVE-2024-33806
A SQL injection vulnerability in /model/getgrade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
PT-2024-25492 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get student.php" API endpoint. Recommendations: For...
PT-2024-25234 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/approve petty cash.php" API endpoint. Recommendation...
CVE-2024-34934
A SQL injection vulnerability in /view/emarksrangegradeupdateform.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversationid parameter...
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter...
CVE-2024-34931
A SQL injection vulnerability in /model/updatesubject.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter...
CVE-2024-34927
A SQL injection vulnerability in /model/updateclassroom.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter...
PT-2024-26255 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the name parameter in the "/model/update exam.php" API endpoint. Recommendations: Fo...
CVE-2024-5111
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/studentpaymentinvoice1.php. The manipulation of the argument date leads to sql injection. It is possible to initiate the attac...