18 matches found
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
EUVD-2025-199925
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
EUVD-2025-199926
A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5. This issue affects some unknown processing of the file /user/profile of the component Image Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The...
yungifez Skuul School Management System vulnerable to XSS via SVG
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
GHSA-92X3-MFJP-J3H3 yungifez Skuul School Management System vulnerable to XSS via SVG
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13785
A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5. This issue affects some unknown processing of the file /user/profile of the component Image Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The...
CVE-2025-13785 yungifez Skuul School Management System Image profile information disclosure
A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5. This issue affects some unknown processing of the file /user/profile of the component Image Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
CVE-2025-13784 yungifez Skuul School Management System SVG File edit cross site scripting
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...
PT-2025-48387
Name of the Vulnerable Software and Affected Versions yungifez Skuul School Management System versions up to 2.6.5 Description A security issue exists in yungifez Skuul School Management System. The problem relates to the processing of the file /user/profile within the Image Handler component,...
CVE-2025-12918
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
Resource Injection
Overview yungifez/skuul is an A multi school management system. Affected versions of this package are vulnerable to Resource Injection via the invoiceid parameter in the /dashboard/fees/fee-invoices/. A user can access unauthorized resources by manipulating this parameter remotely. Remediation...
CVE-2025-12918
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
CVE-2025-12918 yungifez Skuul School Management System View Fee Invoice fee-invoices resource injection
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
CVE-2025-12918 yungifez Skuul School Management System View Fee Invoice fee-invoices resource injection
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
CVE-2025-12918
The CVE-2025-12918 entry concerns yungifez Skuul School Management System (up to 2.6.5). Affected component: View Fee Invoice, specifically the /dashboard/fees/fee-invoices/ path. Root cause: manipulating the invoice_id parameter leads to improper control of resource identifiers (an IDOR-like fla...
PT-2025-45577
Name of the Vulnerable Software and Affected Versions yungifez Skuul School Management System versions up to 2.6.5 Description A security flaw exists in yungifez Skuul School Management System. Manipulation of the invoice id argument within an unknown function of the /dashboard/fees/fee-invoices/...