5 matches found
Gibbon School Platform 26.0.00 Code Injection
============================================================================================================================================= | Title : Gibbon School Platform 26.0.00 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
CVE-2024-34928
A SQL injection vulnerability in /model/updatesubjectrouting.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...
Gibbon School Platform Authenticated PHP Deserialization Vulnerability
A Remote Code Execution vulnerability in Gibbon online school platform version 26.0.00 and lower allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the endpoint /modules/System%20Admin/importrun.php&type=externalAssessment&step=4. As it...
Gibbon School Platform 26.0.00 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gibbon School Platform Authenticated PHP Deserialization Vulnerability', 'Description' = %q A Remote Code Execution vulnerability in Gibbon onlin...
Information leakage vulnerability in Yinda Hui Zhi An School Easy Intelligent Comprehensive Management Platform
Yinda Hui Zhi An School Easy Intelligent Comprehensive Management Platform is a comprehensive campus information management system, the business includes campus card, attendance, access and so on. There is an information leakage vulnerability in Yinda Hui Zhi An School Easy Intelligent Integrated...