5 matches found
CVE-2020-8505
School Management Software PHP/mySQL through 2019-03-14 allows officeadmin/?action=deleteadmin CSRF to delete a user...
School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
School ERP System 1.0 - Cross Site Request Forgery Add Admin Title: School ERP System 1.0 - Cross Site Request Forgery Add Admin Date: 2020-01-31 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/ Software Link:...
School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
Title: School ERP System 1.0 - Cross Site Request Forgery Add Admin Date: 2020-01-31 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/ Software Link: https://sourceforge.net/projects/school-erp-ultimate/files/ Version ERP-Ultimate CVE:...
CVE-2020-8505
School Management Software PHP/mySQL through 2019-03-14 allows officeadmin/?action=deleteadmin CSRF to delete a user...
CVE-2020-8505
CVE-2020-8505 affects School Management Software PHP/MySQL (through 2019-03-14). The vulnerability is a Cross-Site Request Forgery that can trigger office_admin/?action=deleteadmin to delete a user. Documented in NVD with CVSS v2 base 4.3 (Partial integrity impact) and CVSS v3.1 base 6.5 (Partial...