65 matches found
CVE-2020-37090
CVE-2020-37090 affects School ERP Pro 1.0. The vulnerability resides in the message-attachment file upload, which can be exploited to upload arbitrary PHP files, enabling remote code execution on the server. Root cause evidenced in the connected PT-2026-5840 entry: inadequate validation/verificat...
EUVD-2017-18914
Malware in sbrugna...
EUVD-2020-29370
Malware in sbrugna...
EUVD-2020-29371
Malware in sbrugna...
EUVD-2025-1757
Malicious code in bioql PyPI...
EUVD-2025-1756
Malicious code in bioql PyPI...
EUVD-2025-1777
Malicious code in bioql PyPI...
EUVD-2025-1833
Malicious code in bioql PyPI...
CVE-2025-47572
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in mojoomla School Management allows PHP Local File Inclusion. This issue affects School Management: from n/a through 93.0.0...
Unifiedtransform 安全漏洞
Unifiedtransform is an open source school management software by Hasib Mahmud Individual Developer. A security vulnerability exists in Unifiedtransform version v2.0, which stems from the /course/edit/id endpoint vulnerability and could lead to remote elevation of privilege...
Exploit for Incorrect Privilege Assignment in Changeweb Unifiedtransform
Description Unifiedtransform v2.0 is vulnerable to Incorrect...
CVE-2025-0581
A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the...
CVE-2025-0849
A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit h...
CVE-2025-0559
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...
CVE-2020-8504
School Management Software PHP/mySQL through 2019-03-14 allows officeadmin/?action=addadmin CSRF to add an administrative user...
CVE-2020-8505
School Management Software PHP/mySQL through 2019-03-14 allows officeadmin/?action=deleteadmin CSRF to delete a user...
CVE-2017-20196
A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
Edunext Systems + School Management Software 1.0 SQL Injection
Edunext Systems + School Management Software version 1.0 suffers from multiple remote SQL injection vulnerabilities. Exploit Title: Edunext Systems + School Management Software Multiple SQL injection Google Dork: inurl:/page.php?PAGE= , inurl:/image-gallery-detail.php?galid= , intext:Powered by...
Unifiedtransform 安全漏洞
Unifiedtransform is an open source school management software from the individual developer Hasib Mahmud. A security vulnerability exists in Unifiedtransform version 2.0 that stems from improper access control and could lead to elevated privileges...
CVE-2025-1159 CampCodes School Management Software academic-calendar cross site scripting
A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academic-calendar. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit h...