Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OSV
OSVadded 2024/05/14 3:45 p.m.2 views

CVE-2024-4824

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...

9.8CVSS5.9AI score0.01285EPSS
Exploits0References1
OSV
OSVadded 2024/05/14 3:45 p.m.2 views

CVE-2024-4823

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...

6.1CVSS5.8AI score
Exploits0References1
CNNVD
CNNVDadded 2024/05/14 12:0 a.m.1 views

Web-School ERP SQL注入漏洞

Web-School ERP is an application from Web-School India. An ERP application. A SQL injection vulnerability exists in Web-School ERP version 1.0, which originates from a SQL injection vulnerability in the groupsid, examname, classesid, esvoucherid, esclass, etc parameters on the...

9.8CVSS7.9AI score0.01285EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/05/14 12:0 a.m.1 views

Web-School ERP 跨站脚本漏洞

Web-School ERP is an application from Web-School India, Inc. An ERP application. A cross-site scripting vulnerability exists in School ERP Pro+Responsive version 1.0, which originates from a cross-site scripting vulnerability in the /schoolerp/officeadmin/ page for the esbankacc, esbankname,...

6.5CVSS5.9AI score0.00267EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/05/13 12:0 a.m.2 views

PT-2024-33051 · Unknown · School Erp Pro+Responsive

Name of the Vulnerable Software and Affected Versions: School ERP Pro+Responsive version 1.0 Description: The issue allows SQL injection through the "/SchoolERP/office admin/" index in parameters such as groups id, examname, classes id, es voucherid, es class, etc. This could enable a remote...

9.8CVSS7.4AI score0.01285EPSS
Exploits0References3
OSV
OSVadded 2022/09/02 1:15 a.m.1 views

CVE-2021-25657

A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB Creator 11.1 Feature Pack 2 Service Pack 1 and earlier versions...

7.8CVSS5.8AI score
Exploits0References2
OSV
OSVadded 2020/01/31 10:15 p.m.1 views

CVE-2020-8505

School Management Software PHP/mySQL through 2019-03-14 allows officeadmin/?action=deleteadmin CSRF to delete a user...

6.5CVSS5.8AI score
Exploits0References1
CNVD
CNVDadded 2017/11/01 12:0 a.m.1 views

AROX School ERP PHP Script SQL Injection Vulnerability

AROX School ERP PHP Script is a web-based school management system. The system features enrollment management, class management, library management and fund management. A SQL injection vulnerability exists in AROX School ERP PHP Script version 1.0. A remote attacker can exploit this vulnerability...

9.8CVSS8.3AI score0.01411EPSS
Exploits5References1
OSV
OSVadded 2017/10/31 7:29 a.m.1 views

CVE-2017-15978

AROX School ERP PHP Script 1.0 allows SQL Injection via the officeadmin/ id parameter...

9.8CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder