
7 matches found

EUVD
added 2025/11/17 6:30 p.m. | 1 view

EUVD-2024-55086

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser and formpassword parameters in /adminLogin.php...

CVSS 6.1 | AI score 5.7 | EPSS 0.00033
Exploits: 1 | References: 3
OSV
added 2025/11/17 5:15 p.m. | 1 view

CVE-2024-46334

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser and formpassword parameters in /adminLogin.php...

CVSS 6.1 | AI score 5.8 | EPSS 0.00033
Exploits: 1 | References: 2
Positive Technologies
added 2025/11/17 12:00 a.m. | 2 views

PT-2025-47170

Name of the Vulnerable Software and Affected Versions: kashipara School Management System version 1.0. Description: The software is susceptible to Cross Site Scripting (XSS). The issue affects the /adminLogin.php endpoint, specifically through the formuser and formpassword parameters. Successful...

CVSS 6.1 | AI score 6.1 | EPSS 0.00033
Exploits: 1 | References: 5
CVE
added 2025/11/17 12:00 a.m. | 6 views

CVE-2024-46334

CVE-2024-46334 affects Kashipara School Management System 1.0. The vulnerability is a Cross Site Scripting (XSS) flaw exploitable through the parameters formuser and formpassword in /adminLogin.php. The root cause is unvalidated/unsanitized user input in this login endpoint, enabling scripts to be...

CVSS 6.1 | AI score 5.8 | EPSS 0.00033
Exploits: 1 | References: 2 | Affected Software: 1
Prion
added 2009/05/29 4:30 p.m. | 13 views

SQL injection

Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail...

CVSS 6 | AI score 8.9 | EPSS 0.00338
Exploits: 1 | References: 5 | Affected Software: 1
Prion
added 2009/05/29 4:30 p.m. | 10 views

SQL injection

Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2)...

CVSS 6 | AI score 8.9 | EPSS 0.00338
Exploits: 1 | References: 5 | Affected Software: 1
Cvelist
added 2009/05/29 4:24 p.m. | 16 views

CVE-2009-1810

Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2)...

AI score 8.1 | EPSS 0.00338
Exploits: 1 | References: 5