Lucene search
K

17 matches found

NVD
NVD
added 2024/05/14 3:45 p.m.20 views

CVE-2024-4824

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...

9.8CVSS9.6AI score0.00737EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 3:45 p.m.14 views

CVE-2024-4823

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...

6.5CVSS6AI score0.00471EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 3:45 p.m.31 views

CVE-2024-4822

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...

6.5CVSS6.3AI score0.00439EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/13 11:29 a.m.24 views

CVE-2024-4824 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...

9.8CVSS9.7AI score0.00737EPSS
Exploits0References1
CVE
CVE
added 2024/05/13 11:29 a.m.65 views

CVE-2024-4824

CVE-2024-4824 affects School ERP Pro+Responsive 1.0. The vulnerability is an SQL injection in the /SchoolERP/office_admin/ page via parameters such as groups_id, examname, classes_id, es_voucherid, es_class, etc., allowing a remote attacker to execute crafted queries and potentially retrieve all ...

9.8CVSS7.3AI score0.00737EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/13 11:27 a.m.16 views

CVE-2024-4823 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...

6.5CVSS5.6AI score0.00471EPSS
Exploits0References1
CVE
CVE
added 2024/05/13 11:27 a.m.45 views

CVE-2024-4823

CVE-2024-4823 affects School ERP Pro+Responsive 1.0. The XSS flaw occurs in the index path /schoolerp/office_admin/ via parameters es_bankacc, es_bank_name, es_bank_pin, es_checkno, es_teller_number, dc1, and dc2. An authenticated user can receive a crafted JavaScript payload, enabling partial br...

6.5CVSS5.4AI score0.00471EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/13 11:27 a.m.23 views

CVE-2024-4823 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/officeadmin/' in the parameters esbankacc, esbankname, esbankpin, escheckno, estellernumber, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially...

6.5CVSS6.2AI score0.00471EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/13 11:26 a.m.22 views

CVE-2024-4822 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...

6.5CVSS6.5AI score0.00439EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/13 11:26 a.m.19 views

CVE-2024-4822 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session...

6.5CVSS6.1AI score0.00439EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/13 12:0 a.m.5 views

PT-2024-33031 · Unknown · School Erp Pro+Responsive

Name of the Vulnerable Software and Affected Versions: School ERP Pro+Responsive version 1.0 Description: The issue allows an attacker to partially take control of the victim's browser session through a cross-site scripting XSS attack. This is achieved by exploiting the username and password...

6.5CVSS6.4AI score0.00439EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2018/10/23 12:0 a.m.50 views

School ERP Pro+Responsive 1.0 SQL Injection

Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.24 views

School ERP Pro+Responsive 1.0 - Arbitrary File Download

School ERP Pro+Responsive 1.0 - Arbitrary File Download Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/10/23 12:0 a.m.41 views

School ERP Pro+Responsive 1.0 Arbitrary File Download

Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.15 views

School ERP Pro+Responsive 1.0 - fid SQL Injection

School ERP Pro+Responsive 1.0 - fid SQL Injection Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.23 views

School ERP Pro+Responsive 1.0 - 'fid' SQL Injection

Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.25 views

School ERP Pro+Responsive 1.0 - Arbitrary File Download

Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...

7.4AI score
Exploits0
Rows per page
Query Builder