16 matches found
EUVD-2024-34492
Malicious code in bioql PyPI...
CVE-2024-33911
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4...
CVE-2024-33911
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4...
CVE-2024-33911
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4...
CVE-2024-33911 WordPress The School Management Pro plugin <= 10.3.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4...
CVE-2024-33911 WordPress The School Management Pro plugin <= 10.3.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4...
CVE-2024-33911
CVE-2024-33911 concerns Weblizar School Management Pro (School Management Pro
PT-2024-25544 · Weblizar · Weblizar School Management Pro
Name of the Vulnerable Software and Affected Versions: Weblizar School Management Pro versions through 10.3.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation...
WordPress plugin School Management Pro SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress The School Management Pro plugin <= 10.3.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Ivan Spiridonov Patchstack Alliance in WordPress Plugin School Management Pro versions = 10.3.4...
WordPress School Management Pro Plugin <= 10.3.4 is vulnerable to SQL Injection
Software School Management Pro Type Plugin Vulnerable versions = 10.3.4 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-33911 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 78a8a05cb12b Credits Ivan Spiridonov Required privilege School...
Weblizar School Management Pro plugin backdoor
Added: 08/12/2022 CVE: CVE-2022-1609 Background Weblizar School Management is a WordPress plugin for management of school operations. Problem The license checking code in School Management Pro contains a backdoor which allows remote attackers to execute arbitrary commands. Resolution Upgrade to t...
The vulnerability of the REST API implementation of the plugin for managing a school and its objects in the School Management Pro system, a content management system for WordPress websites, allows a malicious individual to execute arbitrary PHP code and gain full control over the application.
The vulnerability of the REST API implementation of the School Management Pro plugin for managing schools and their objects in the WordPress content management system is related to improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary PHP code and gain fu...
WordPress plugin School Management Pro 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in th...
Researchers Find Backdoor in School Management Plugin for WordPress
Multiple versions of a WordPress plugin by the name of "School Management Pro" harbored a backdoor that could grant an adversary complete control over vulnerable websites. The issue, spotted in premium versions before 9.9.7, has been assigned the CVE identifier CVE-2022-1609 and is rated 10 out o...
WordPress School Management Pro premium plugin < 9.9.7 - Unauthenticated Remote Code Execution (RCE) via REST API
Unauthenticated Remote Code Execution RCE via REST API discovered by Jetpack Scan Team and WordPress elevated support team in WordPress School Management Pro premium plugin versions 9.9.7. Solution Update the WordPress School Management Pro premium plugin to the latest available version at least...