2 matches found
CVE-2022-1287 School Club Application System resource injection
A vulnerability classified as critical was found in School Club Application System 1.0. This vulnerability affects a request to the file /scas/classes/Users.php?f=saveuser. The manipulation with a POST request leads to privilege escalation. The attack can be initiated remotely and does not requir...
CVE-2022-1287
The CVE-2022-1287 entry concerns School Club Application System 1.0. A vulnerability in the handler for POST requests to /scas/classes/Users.php?f=save_user allows privilege escalation. The flaw is exploitable remotely without authentication, and exploitation has been publicly disclosed. This is ...