CVE-2025-41107

Stored Cross Site Scripting XSS vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/onlineadmission', wich affects the parameters 'firstname', 'lastname', 'guardianname' and others. This vulnerability could allow a remote user to send ...

Unifiedtransform 访问控制错误漏洞

Unifiedtransform is an open source school management software from the individual developer Hasib Mahmud. Unifiedtransform suffers from an Access Control Error vulnerability that stems from a lack of access control and allows unauthorized users to view and modify other users' information...

CVE-2025-1159

A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academic-calendar. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit h...

CVE-2025-0849

A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit h...

Campcodes School Management Software 代码注入漏洞

Campcodes School Management Software is a school management software from Campcodes, Inc. A code injection vulnerability exists in Campcodes School Management Software version 1.0, which originates from a cross-site scripting vulnerability in the ID Card Title parameter of the /create-id-card fil...

CVE-2024-27713

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component...

CVE-2024-27710

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism...

Trove of UK Student Records Exposed in School Software Server Leak

By Waqas Hundreds of thousands of UK student records exposed in software firm's server leak putting names, grades, and photos at risk - Learn more about the school software breach and how to protect your child's information. This is a post from HackRead.com Read the original post: Trove of UK...

Free School Management Software 代码问题漏洞

Free School Management Software is a free and open source school software by Gosfem Individual Developer. A code issue vulnerability exists in Free school management software that stems from an unrestricted file upload vulnerability. An attacker could use this vulnerability to enable remote code...

Biqs It Biqs-drive Local File Inclusion Vulnerability

Biqs It Biqs-drive is an online driving school software from the Belgian company Biqs It. BIQS IT Biqs-drive v1.83 and below is vulnerable to a local file inclusion vulnerability, which could be exploited by attackers to read arbitrary files from the server using the privileges of the configured...

Teen Hacker Finds Bugs in School Software That Exposed Millions of Records

Some kids play in a band after school. Bill Demirkapi hacked two education software giants...