137 matches found
MESbook server-side request forgery vulnerability
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has a server-side request forgery vulnerability that can be exploited by an attacker to read the source code of a web file, read internal files or acce...
MESbook Resource Management Error Vulnerability
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has a resource management error vulnerability that can be exploited by an attacker to cause resource consumption and disable the application...
MESbook 信息泄露漏洞
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has an information disclosure vulnerability that can be exploited by a local attacker to access different resources by changing the application's API...
CVE-2024-33800
A SQL injection vulnerability in /model/getstudent1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...
CVE-2024-33802
A SQL injection vulnerability in /model/getstudentsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...
CVE-2024-33808
A SQL injection vulnerability in /model/gettimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33806
A SQL injection vulnerability in /model/getgrade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33805
A SQL injection vulnerability in /model/getstudent.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33803
A SQL injection vulnerability in /model/getexam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-34935
A SQL injection vulnerability in /view/conversationhistoryadmin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversationid parameter...
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter...
CVE-2024-34936
Campcodes Complete Web-Based School Management System 1.0 has a SQL injection in /view/event1.php triggered by the month parameter. The vulnerability allows execution of arbitrary SQL commands, with CVSS v3.1 base metrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L (8.6, HIGH). Root cause: unsanitized/u...
CVE-2024-34935
CVE-2024-34935 : A SQL injection in Campcodes Complete Web-Based School Management System 1.0 affects the endpoint /view/conversation_history_admin.php via the conversation_id parameter. The underlying issue is improper handling of user-supplied input, enabling an attacker to execute arbitrary SQ...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in the Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the...
CVE-2024-5114 Campcodes Complete Web-Based School Management System teacher_attendance_history1.php sql injection
A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacherattendancehistory1.php. The manipulation of the argument index leads to sql injection. It is possible to launch the attack...
CVE-2024-5104
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/studentgradewise.php. The manipulation of the argument grade leads to sql injection. The attack may be...
Campcodes Complete Web-Based School Management System SQL注入漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Complete Web-Based School Management System version 1.0, which stems from the parameter index in the file...
Complete Web-Based School Management System SQL注入漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Complete Web-Based School Management System version 1.0, which stems from the parameter index in the file...
CVE-2024-4908 Campcodes Complete Web-Based School Management System student_attendance_history1.php sql injection
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/studentattendancehistory1.php. The manipulation of the argument index leads to sql injection. The attack may be initiated...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System that stems from an SQL injection vulnerability in the dueyear parameter of...