3 matches found
CVE-2024-33992 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System
Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/student/index.php'...
CVE-2018-18801
The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=SQL or index.php?q=single-item&id=SQL...
CVE-2018-18801
The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=SQL or index.php?q=single-item&id=SQL...