EUVD-2024-55086

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting XSS via the formuser and formpassword parameters in /adminLogin.php...

CVE-2024-46334

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting XSS via the formuser and formpassword parameters in /adminLogin.php...

CVE-2024-46334

CVE-2024-46334 affects Kashipara School Management System 1.0. The vulnerability is a Cross Site Scripting (XSS) flaw exploitable through the parameters formuser and formpassword in /adminLogin.php . The root cause is unvalidated/sanitized user input in this login endpoint, enabling scripts to be...

PT-2025-47170

Name of the Vulnerable Software and Affected Versions kashipara School Management System version 1.0 Description The software is susceptible to Cross Site Scripting XSS. The issue affects the /adminLogin.php endpoint, specifically through the formuser and formpassword parameters. Successful...

Sql injection

Multiple SQL injection vulnerabilities in myGesuad 0.9.14 aka 0.9 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail...

Sql injection

Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to 2...

CVE-2009-1810

Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to 2...