CVE-2024-33992

Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/student/index.php'...

CVE-2024-33987

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate', 'YearLevel...

School Event Management System 跨站脚本漏洞

School Event Management System is a school event management system. A cross-site scripting vulnerability exists in School Event Management System version 1.0. An attacker can create a specially crafted URL and send it to a victim to obtain their session details via the "view" parameter in...

School Event Management System 跨站脚本漏洞

School Event Management System is a school event management system. A cross-site scripting vulnerability exists in School Event Management System version 1.0. An attacker can create a specially crafted URL and send it to a victim to obtain their session details via the "view" parameter in...

School Event Management System 安全漏洞

School Event Management System is a school event management system. A security vulnerability exists in School Event Management System version 1.0. The vulnerability can be exploited to send a specially crafted JavaScript load to a user to take over their browser session via the "id" and "view in...

School Event Management System Cross-Site Request Forgery Vulnerability

School Event Management System is a school event management system. A cross-site request forgery vulnerability exists in School Event Management System version 1.0, which can be exploited by remote attackers to update administrator information with the help of user/controller.php?action=edit URL...