Kashipara Society Management System Portal 安全漏洞

Kashipara Society Management System Portal is a community/property management system developed by Kashipara Corporation. Version 1.0 of the Kashipara Society Management System Portal contains a security vulnerability. This vulnerability stems from a stored-xss attack in the/admin/edituser.php pag...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

Kashipara Online Exam System 安全漏洞

Kashipara Online Exam System is an online exam system from Kashipara. A security vulnerability exists in version V1.0 of the kashipara Online Exam System, which originates from unvalidated parameters rname, rcollage, rnumber, rgender, and rpassword in the /exam/user/profile.php page, which could...

PT-2026-2298

Name of the Vulnerable Software and Affected Versions kashipara Online Exam System version 1.0 Description A SQL Injection issue exists in the /exam/user/profile.php page. This allows remote attackers to execute arbitrary SQL commands and gain unauthorized database access. The issue is triggered...

CVE-2025-51567

CVE-2025-51567 affects Kashipara Online Exam System V1.0. The vulnerability is an SQL Injection in the /exam/user/profile.php page. The issue is triggered via POST parameters rname, rcollage, rnumber, rgender, and rpassword, allowing remote attackers to execute arbitrary SQL commands and potentia...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

CVE-2024-41251

An Incorrect Access Control vulnerability was found in /smsa/adminteacherregisterapproval.php and /smsa/adminteacherregisterapprovalsubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration...

CVE-2024-41242

A Reflected Cross Site Scripting XSS vulnerability was found in /smsa/studentlogin.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter...

CVE-2024-41237

A SQL injection vulnerability in /smsa/teacherlogin.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter...

CVE-2024-41246

An Incorrect Access Control vulnerability was found in /smsa/admindashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard...

CVE-2024-41243

An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...

CVE-2024-41252

An Incorrect Access Control vulnerability was found in /smsa/adminstudentregisterapproval.php and /smsa/adminstudentregisterapprovalsubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve student registration...

CVE-2024-41238

A SQL injection vulnerability in /smsa/studentlogin.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter...

CVE-2024-41247

An Incorrect Access Control vulnerability was found in /smsa/addclass.php and /smsa/addclasssubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry...

CVE-2024-41249

An Incorrect Access Control vulnerability was found in /smsa/viewsubject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details...

CVE-2024-46336

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting XSS via /clientuser/feedback.php...

CVE-2024-46334

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting XSS via the formuser and formpassword parameters in /adminLogin.php...