4 matches found
CVE-2022-34580
Advanced School Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the address parameter at ip/school/index.php...
CVE-2022-34580
CVE-2022-34580 affects Advanced School Management System v1.0. The issue is a cross-site scripting (XSS) vulnerability exploitable via the address parameter at ip/school/index.php. Documented CVSS: 4.8 (MEDIUM) with network attack vector, high privileges required and user interaction. APT/Exploit...
CVE-2022-32433
itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/allteacher.php...
CVE-2022-32433
CVE-2022-32433 affects itsourcecode Advanced School Management System v1.0. The vulnerability enables Arbitrary code execution via the endpoint ip/school/view/all_teacher.php. The CVE entry provides a basic impact assessment (CVSS v3.1: base score 7.2, HIGH) and indicates network-based access wit...