169 matches found
CVE-2024-41250
An Incorrect Access Control vulnerability was found in /smsa/viewstudents.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details...
Kashipara Responsive School Management System 安全漏洞
Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which originates from a reflected cross-site scripting vulnerability contained in the /smsa/adminlogin.php...
CVE-2024-41242
CVE-2024-41242 is a Reflected Cross Site Scripting (XSS) vulnerability in Kashipara Responsive School Management System v3.2.0, occurring in /smsa/student_login.php via the error parameter. The related Red Hat and CVE records corroborate that remote attackers can inject scripts, with impact descr...
CVE-2024-41243
CVE-2024-41243 : An Incorrect Access Control flaw exists in Kashipara Responsive School Management System v3.2.0, in the /smsa/view_marks.php endpoint. The vulnerability allows remote unauthenticated attackers to view MARKS details, exposing confidential student data. The public documents do not ...
Kashipara Responsive School Management System 安全漏洞
Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from an incorrect access control vulnerability contained in the /smsa/viewsubject.php file...
CVE-2024-41249
An Incorrect Access Control vulnerability was found in /smsa/viewsubject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details...
Kashipara Responsive School Management System 安全漏洞
Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which originates from a reflected cross-site scripting vulnerability contained in the /smsa/studentlogin.php...
Kashipara Responsive School Management System 跨站脚本漏洞
Kashipara Responsive School Management System is a school management system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from a stored cross-site scripting vulnerability contained in the...
CVE-2024-41251
An Incorrect Access Control vulnerability was found in /smsa/adminteacherregisterapproval.php and /smsa/adminteacherregisterapprovalsubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration...
CVE-2024-33402
A SQL injection vulnerability in /model/approvepettycash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33801
A SQL injection vulnerability in /model/getsubjectrouting.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33807
A SQL injection vulnerability in /model/getteachertimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...
CVE-2024-33805
A SQL injection vulnerability in /model/getstudent.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33799
A SQL injection vulnerability in /model/getteacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the id...
PT-2024-25489 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue exists in the /model/get student subject.php file, allowing an attacker to execute arbitrary SQL commands by manipulating the index parameter...
PT-2024-25493 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get grade.php" API endpoint. Recommendations: For...
PT-2024-25488 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get subject routing.php" API endpoint...
PT-2024-25495 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get timetable.php" API endpoint. This could...
CVE-2024-34933
A SQL injection vulnerability in /model/updategrade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admissionfee parameter...