48 matches found
EUVD-2026-16897
A vulnerability was detected in QDOCS Smart School Management System up to 7.2. The impacted element is an unknown function of the file /admin/enquiry of the component Admission Enquiry Module. Performing a manipulation of the argument Note results in cross site scripting. The attack is possible ...
CVE-2026-4991
A vulnerability was detected in QDOCS Smart School Management System up to 7.2. The impacted element is an unknown function of the file /admin/enquiry of the component Admission Enquiry Module. Performing a manipulation of the argument Note results in cross site scripting. The attack is possible ...
CVE-2026-4991 QDOCS Smart School Management System Admission Enquiry enquiry cross site scripting
A vulnerability was detected in QDOCS Smart School Management System up to 7.2. The impacted element is an unknown function of the file /admin/enquiry of the component Admission Enquiry Module. Performing a manipulation of the argument Note results in cross site scripting. The attack is possible ...
CVE-2026-4991
CVE-2026-4991 affects QDOCS Smart School Management System (up to 7.2). The vulnerability resides in the Admission Enquiry Module’s /admin/enquiry, where manipulating the Note argument triggers cross-site scripting. This can be exploited remotely. The provided sources do not specify affected vend...
CVE-2026-4991
A vulnerability was detected in QDOCS Smart School Management System up to 7.2. The impacted element is an unknown function of the file /admin/enquiry of the component Admission Enquiry Module. Performing a manipulation of the argument Note results in cross site scripting. The attack is possible ...
QDocs Smart School Management System 代码注入漏洞
QDocs Smart School Management System is a smart community-building system developed by QDocs Corporation. Versions of the QDOCS Smart School Management System prior to 7.2 contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of parameters in the...
CVE-2024-34240
QDOCS Smart School 7.0.0 is vulnerable to Cross Site Scripting XSS resulting in arbitrary code execution in admin functions related to adding or updating records...
CVE-2025-41107
Stored Cross Site Scripting XSS vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/onlineadmission', wich affects the parameters 'firstname', 'lastname', 'guardianname' and others. This vulnerability could allow a remote user to send ...
CVE-2025-41107
Stored Cross Site Scripting XSS vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/onlineadmission', wich affects the parameters 'firstname', 'lastname', 'guardianname' and others. This vulnerability could allow a remote user to send ...
CVE-2025-41107
Stored Cross Site Scripting XSS vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/onlineadmission', wich affects the parameters 'firstname', 'lastname', 'guardianname' and others. This vulnerability could allow a remote user to send ...
EUVD-2025-44041
Stored Cross Site Scripting XSS vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/onlineadmission', wich affects the parameters 'firstname', 'lastname', 'guardianname' and others. This vulnerability could allow a remote user to send ...
CVE-2025-41107 Stored XSS in Smart School
Stored Cross Site Scripting XSS vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/onlineadmission', wich affects the parameters 'firstname', 'lastname', 'guardianname' and others. This vulnerability could allow a remote user to send ...
CVE-2025-41107
The CVE-2025-41107 entry describes a Stored XSS in Smart School 7.0 caused by insufficient validation of user input in a POST to /online_admission, affecting fields such as firstname, lastname, guardian_name, etc. The issue could allow a remote attacker to craft input that is processed by an auth...
CVE-2025-41107 Stored XSS in Smart School
Stored Cross Site Scripting XSS vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/onlineadmission', wich affects the parameters 'firstname', 'lastname', 'guardianname' and others. This vulnerability could allow a remote user to send ...
PT-2025-45608
Name of the Vulnerable Software and Affected Versions Smart School version 7.0 Description A stored Cross Site Scripting XSS issue exists in Smart School version 7.0. This is due to insufficient validation of user-supplied data when a POST request is sent to the '/online admission' API endpoint...
QDOCS Smart School 跨站脚本漏洞
QDOCS Smart School is a smart school management system from QDOCS, Inc. A cross-site scripting vulnerability exists in QDOCS Smart School version 7.0, which stems from insufficient input validation of the parameters firstname, lastname, and guardianname in the file/onlineadmission, and could lead...
CVE-2025-60500
QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permits uploading of arbitrary PHP files, which are stored in a...
CVE-2025-60500
QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permits uploading of arbitrary PHP files, which are stored in a...
EUVD-2024-34706
Malicious code in bioql PyPI...
EUVD-2024-49416
Malicious code in bioql PyPI...