Lucene search
K

169 matches found

OSV
OSV
added 2024/08/07 5:15 p.m.3 views

CVE-2024-41250

An Incorrect Access Control vulnerability was found in /smsa/viewstudents.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details...

5.3CVSS5.8AI score0.00485EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.4 views

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which originates from a reflected cross-site scripting vulnerability contained in the /smsa/adminlogin.php...

6.1CVSS6.1AI score0.00434EPSS
Exploits1References2
CVE
CVE
added 2024/08/07 12:0 a.m.44 views

CVE-2024-41242

CVE-2024-41242 is a Reflected Cross Site Scripting (XSS) vulnerability in Kashipara Responsive School Management System v3.2.0, occurring in /smsa/student_login.php via the error parameter. The related Red Hat and CVE records corroborate that remote attackers can inject scripts, with impact descr...

6.1CVSS6.6AI score0.00452EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/08/07 12:0 a.m.35 views

CVE-2024-41243

CVE-2024-41243 : An Incorrect Access Control flaw exists in Kashipara Responsive School Management System v3.2.0, in the /smsa/view_marks.php endpoint. The vulnerability allows remote unauthenticated attackers to view MARKS details, exposing confidential student data. The public documents do not ...

5.3CVSS6.8AI score0.00514EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.2 views

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from an incorrect access control vulnerability contained in the /smsa/viewsubject.php file...

7.5CVSS6.7AI score0.00638EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/08/07 12:0 a.m.17 views

CVE-2024-41249

An Incorrect Access Control vulnerability was found in /smsa/viewsubject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details...

0.00638EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.3 views

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which originates from a reflected cross-site scripting vulnerability contained in the /smsa/studentlogin.php...

6.1CVSS6.1AI score0.00452EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.6 views

Kashipara Responsive School Management System 跨站脚本漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from a stored cross-site scripting vulnerability contained in the...

5.9CVSS6AI score0.00483EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/08/07 12:0 a.m.13 views

CVE-2024-41251

An Incorrect Access Control vulnerability was found in /smsa/adminteacherregisterapproval.php and /smsa/adminteacherregisterapprovalsubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration...

7.1AI score0.00448EPSS
Exploits1References1
OSV
OSV
added 2024/05/28 6:15 p.m.3 views

CVE-2024-33402

A SQL injection vulnerability in /model/approvepettycash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...

8.1CVSS6.1AI score0.00438EPSS
Exploits1References1
OSV
OSV
added 2024/05/28 4:15 p.m.0 views

CVE-2024-33801

A SQL injection vulnerability in /model/getsubjectrouting.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

9.8CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2024/05/28 4:15 p.m.5 views

CVE-2024-33807

A SQL injection vulnerability in /model/getteachertimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...

5.4CVSS6.1AI score0.00286EPSS
Exploits1References1
OSV
OSV
added 2024/05/28 4:15 p.m.3 views

CVE-2024-33805

A SQL injection vulnerability in /model/getstudent.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

9.8CVSS6.1AI score0.0051EPSS
Exploits1References1
OSV
OSV
added 2024/05/28 4:15 p.m.3 views

CVE-2024-33799

A SQL injection vulnerability in /model/getteacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

9.8CVSS6.1AI score0.0051EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/28 12:0 a.m.3 views

Campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the id...

9.8CVSS8AI score0.0051EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.3 views

PT-2024-25489 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue exists in the /model/get student subject.php file, allowing an attacker to execute arbitrary SQL commands by manipulating the index parameter...

6.5CVSS8.6AI score0.00426EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.5 views

PT-2024-25493 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get grade.php" API endpoint. Recommendations: For...

9.8CVSS8.6AI score0.0051EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.4 views

PT-2024-25488 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get subject routing.php" API endpoint...

9.8CVSS8.6AI score0.0051EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.6 views

PT-2024-25495 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get timetable.php" API endpoint. This could...

9.8CVSS8.6AI score0.0051EPSS
Exploits1References3
OSV
OSV
added 2024/05/23 5:15 p.m.3 views

CVE-2024-34933

A SQL injection vulnerability in /model/updategrade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admissionfee parameter...

6.3CVSS6.1AI score0.00297EPSS
Exploits1References1
Rows per page
Query Builder