Lucene search
K

53 matches found

CVE
CVE
added 2019/02/13 4:0 p.m.40 views

CVE-2019-8335

CVE-2019-8335 describes an XSS vulnerability in SchoolCMS 2.3.1, exploitable via index.php?a=Index&c=Channel&m=Home&id=[XSS]. The connected Red Hat/CNVD/etc. entries corroborate a cross-site scripting flaw in SchoolCMS; no details about affected versions beyond 2.3.1 or concrete exploit vectors a...

6.1CVSS5.9AI score0.00865EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/02/13 4:0 p.m.36 views

CVE-2019-8334

CVE-2019-8334 affects SchoolCMS 2.3.1 . A cross-site scripting (XSS) flaw is present via the vulnerable request: index.php?a=Index&c=Channel&m=Home&viewid=[XSS], which could lead to injection of arbitrary script when a user loads the affected page. The primary description in the CVE notes an XSS ...

6.1CVSS5.9AI score0.00865EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2019/01/10 12:0 a.m.2 views

SQL Injection Vulnerability in SchoolCMS v2.3.1 Us***.class File

SchoolCMS is a school teaching management system based on PHP+MySQL. A SQL injection vulnerability exists in the SchoolCMS v2.3.1Us.class file, which can be exploited by attackers to obtain sensitive information...

7.9AI score
Exploits0
CNVD
CNVD
added 2018/02/23 12:0 a.m.1 views

Code Execution Vulnerability in SchoolCMS v2.3

SchoolCMS is a school teaching management system based on PHP+MySQL. A code execution vulnerability exists in SchoolCMS v2.3, which is due to the system failing to effectively filter some of the input parameter values. An attacker can exploit this vulnerability to upload a Trojan horse file and...

7.7AI score
Exploits0
CNVD
CNVD
added 2017/11/08 12:0 a.m.0 views

Arbitrary File Deletion Vulnerability in SchoolCMS

SchoolCMS is a school teaching management system based on PHP+MySQL. An arbitrary file deletion vulnerability exists somewhere in the SchoolCMS backend, which can be exploited by an attacker to delete arbitrary folders...

7AI score
Exploits0
CNVD
CNVD
added 2017/09/19 12:0 a.m.1 views

Variable Override Vulnerability in SchoolCMS

SchoolCMS is a school teaching management system based on PHP+MySQL. SchoolCMS suffers from a variable override vulnerability. An attacker can utilize the browser's TAB function to override access to user information...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/09/19 12:0 a.m.0 views

SchoolCMS suffers from a variable override vulnerability (CNVD-2017-30716)

SchoolCMS is a school teaching management system based on PHP+MySQL. SchoolCMS suffers from a variable override vulnerability. An attacker can utilize the browser's TAB function to reset any user's password...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/08/08 12:0 a.m.2 views

File upload vulnerability in SchoolCMS backend SiteController.class.php

SchoolCMS is a school teaching management system based on PHP+MySQL. A file upload vulnerability exists in the SchoolCMS backend SiteController.class.php, due to the system Upload function not effectively filtering user-submitted data. A remote attacker can arbitrarily write files to gain web...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/08/04 12:0 a.m.1 views

File upload vulnerability in SchoolCMS backend ThemeController.class.php

SchoolCMS is an open source faculty management system. SchoolCMS v2.3.1 version ThemeController.class.php and SiteController.class.ph Upload function in the file upload vulnerability, remote attackers can use the theme function in the background, to perform arbitrary file write operations to obta...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

SchoolCMS Persistent XSS

No description provided by source. Title: SchoolCMS Persistant XSS. Date: 03/12/12 Author: VipVince Vendor: www.poweritschools.com Google Dork: /oldcore/cal/eventform.php Tested on: Windows. This is a Persistant XSS used in the software by many schools. About 225 results 0.21 seconds The...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/12/03 12:0 a.m.10 views

SchoolCMS - Persistent Cross-Site Scripting

SchoolCMS - Persistent Cross-Site Scripting Title: SchoolCMS Persistant XSS. Date: 03/12/12 Author: VipVince Vendor: www.poweritschools.com Google Dork: /oldcore/cal/eventform.php Tested on: Windows. This is a Persistant XSS used in the software by many schools. About 225 results 0.21 seconds The...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/03 12:0 a.m.26 views

SchoolCMS - Persistent Cross-Site Scripting

Title: SchoolCMS Persistant XSS. Date: 03/12/12 Author: VipVince Vendor: www.poweritschools.com Google Dork: /oldcore/cal/eventform.php Tested on: Windows. This is a Persistant XSS used in the software by many schools. About 225 results 0.21 seconds The vulnerability lies in the eventform.php fil...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/03 12:0 a.m.16 views

SchoolCMS Cross Site Scripting

Title: SchoolCMS Persistant XSS. Date: 03/12/12 Author: VipVince Vendor: www.poweritschools.com Google Dork: /oldcore/cal/eventform.php Tested on: Windows. This is a Persistant XSS used in the software by many schools. About 225 results 0.21 seconds The vulnerability lies in the eventform.php fil...

Exploits0
Rows per page
Query Builder