17 matches found
CVE-2024-4824
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...
CVE-2024-4823
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...
CVE-2024-4822
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...
CVE-2024-4824 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...
CVE-2024-4824
CVE-2024-4824 affects School ERP Pro+Responsive 1.0. The vulnerability is an SQL injection in the /SchoolERP/office_admin/ page via parameters such as groups_id, examname, classes_id, es_voucherid, es_class, etc., allowing a remote attacker to execute crafted queries and potentially retrieve all ...
CVE-2024-4823 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...
CVE-2024-4823 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...
CVE-2024-4823
CVE-2024-4823 affects School ERP Pro+Responsive 1.0. The XSS flaw occurs in the index path /schoolerp/office_admin/ via parameters es_bankacc, es_bank_name, es_bank_pin, es_checkno, es_teller_number, dc1, and dc2. An authenticated user can receive a crafted JavaScript payload, enabling partial br...
CVE-2024-4822 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...
CVE-2024-4822 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...
PT-2024-33031 · Unknown · School Erp Pro+Responsive
Name of the Vulnerable Software and Affected Versions: School ERP Pro+Responsive version 1.0 Description: The issue allows an attacker to partially take control of the victim's browser session through a cross-site scripting XSS attack. This is achieved by exploiting the username and password...
School ERP Pro+Responsive 1.0 SQL Injection
Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...
School ERP Pro+Responsive 1.0 - Arbitrary File Download
School ERP Pro+Responsive 1.0 - Arbitrary File Download Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...
School ERP Pro+Responsive 1.0 Arbitrary File Download
Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...
School ERP Pro+Responsive 1.0 - fid SQL Injection
School ERP Pro+Responsive 1.0 - fid SQL Injection Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...
School ERP Pro+Responsive 1.0 - Arbitrary File Download
Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...