Lucene search
K
Advanced School Management System ProjectAdvanced School Management System

18 matches found

CVE
CVE
added 2022/06/15 7:47 p.m.76 views

CVE-2022-32368

The CVE-2022-32368 entry concerns itsourcecode Advanced School Management System v1.0, affected by a SQL injection vulnerability in /school/model/get_grade.php?id=. The issue arises from unsanitized input passed to SQL statements, enabling an attacker to manipulate queries and potentially access ...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 8:23 p.m.75 views

CVE-2022-32370

The CVE-2022-32370 entry is corroborated across multiple feeds as a SQL injection flaw in itsourcecode Advanced School Management System v1.0, exploitable via /school/model/get_classroom.php?id=. Root cause: missing input validation on the id parameter leading to SQL statement manipulation. Repor...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 7:45 p.m.75 views

CVE-2022-32374

CVE-2022-32374 affects itsourcecode Advanced School Management System v1.0. The vulnerability is a SQL Injection in the endpoint /school/model/get_subject_routing.php?id= where user input is not validated, enabling an attacker to manipulate SQL queries and potentially disclose or modify database ...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 6:43 p.m.71 views

CVE-2022-32376

CVE-2022-32376 affects itsourcecode Advanced School Management System v1.0 and is caused by SQL injection in the parameter event_id of /school/model/get_events.php. The vulnerability arises from unvalidated external input, enabling attackers to manipulate SQL statements and potentially access or ...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 6:44 p.m.70 views

CVE-2022-32375

CVE-2022-32375 affects itsourcecode Advanced School Management System v1.0. The vulnerability is a SQL Injection flaw in /school/model/get_timetable.php?id=, caused by improper input handling, enabling potential unauthorized access to or manipulation of database data. The CVSS scores indicate hig...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 6:42 p.m.69 views

CVE-2022-32377

CVE-2022-32377 is documented as an SQL Injection vulnerability in itsourcecode Advanced School Management System v1.0, exploitable via /school/model/get_exam_timetable.php?id=. The connected records (NVD, Red Hat, CNVD, CVE lists) confirm a persistent SQLi issue affecting the application. CVSS me...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/07/28 9:11 p.m.69 views

CVE-2022-34580

CVE-2022-34580 affects Advanced School Management System v1.0. The issue is a cross-site scripting (XSS) vulnerability exploitable via the address parameter at ip/school/index.php. Documented CVSS: 4.8 (MEDIUM) with network attack vector, high privileges required and user interaction. APT/Exploit...

4.8CVSS5AI score0.00444EPSS
Web
CVE
CVE
added 2022/06/15 6:39 p.m.68 views

CVE-2022-32379

CVE-2022-32379 affects itsourcecode Advanced School Management System v1.0, vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=. The root cause is lack of validation for externally supplied SQL statements, enabling an attacker to potentially access or modify sensitive ...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 6:38 p.m.67 views

CVE-2022-32380

CVE-2022-32380 affects itsourcecode Advanced School Management System v1.0. The vulnerability is SQL Injection in the get_student_subject.php script (via index parameter), caused by insufficient input validation. Multiple connected sources (CNVD/CNNVD/Red Hat/ CVE lists) confirm the same flaw and...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/07/20 8:50 p.m.67 views

CVE-2022-34586

CVE-2022-34586 affects itsourcecode Advanced School Management System v1.0, with a SQL Injection vulnerability exploitable via the grade parameter in /school/view/student_grade_wise.php. The entry is corroborated by multiple connected records indicating an SQL injection issue; the CVSS 3.1 base s...

8.8CVSS9AI score0.00781EPSS
Web
CVE
CVE
added 2022/06/15 6:35 p.m.66 views

CVE-2022-32433

CVE-2022-32433 affects itsourcecode Advanced School Management System v1.0. The vulnerability enables Arbitrary code execution via the endpoint ip/school/view/all_teacher.php. The CVE entry provides a basic impact assessment (CVSS v3.1: base score 7.2, HIGH) and indicates network-based access wit...

7.2CVSS7.2AI score0.01307EPSS
CVE
CVE
added 2022/07/20 8:50 p.m.66 views

CVE-2022-34588

The CVE-2022-34588 entry concerns itsourcecode Advanced School Management System v1.0. A SQL Injection vulnerability exists in the grade parameter of the /school/view/timetable_insert_form.php endpoint. The issue is the classic improper handling of user-controlled input that leads to SQL query ma...

8.8CVSS9AI score0.00681EPSS
Web
CVE
CVE
added 2022/06/15 6:37 p.m.65 views

CVE-2022-32381

The CVE-2022-32381 entry concerns itsourcecode Advanced School Management System v1.0, which is vulnerable to SQL injection through /school/model/get_admin_profile.php?my_index=. The vulnerability is caused by lack of input validation for external SQL statements, enabling attackers to manipulate ...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 6:40 p.m.62 views

CVE-2022-32378

CVE-2022-32378 covers SQL Injection in the itsourcecode Advanced School Management System v1.0. The vulnerability is reachable via /school/model/get_teacher_profile.php?my_index= and arises from lack of input validation on external input, allowing attackers to manipulate SQL statements. The issue...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/07/27 1:41 a.m.62 views

CVE-2022-34594

CVE-2022-34594 affects Advanced School Management System v1.0. The vulnerability is a cross-site scripting (XSS) flaw exploitable via the component ip/school/moudel/update_subject.php, where a crafted payload in the Edit Subject field can cause arbitrary web scripts/HTML to execute. The NVD entry...

4.8CVSS5AI score0.00444EPSS
Web
CVE
CVE
added 2022/06/15 8:21 p.m.61 views

CVE-2022-32372

Affected software : itsourcecode Advanced School Management System v1.0 (open source PHP/MySQL-based). Vulnerability : SQL Injection via /school/model/get_subject.php?id= (unsafely handling user input in a SQL query). Root cause : input parameter not sanitized/filtered before database query. Impa...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 7:52 p.m.61 views

CVE-2022-32373

The CVE-2022-32373 entry describes a SQL Injection vulnerability in itsourcecode Advanced School Management System v1.0, exploitable through the parameter id in /school/model/get_exam.php. The root cause is unsanitized external input leading to SQL command execution, enabling access to sensitive ...

7.2CVSS7.3AI score0.00909EPSS
Web
CVE
CVE
added 2022/06/15 8:22 p.m.46 views

CVE-2022-32371

CVE-2022-32371 affects itsourcecode Advanced School Management System v1.0. The vulnerability is a SQL Injection in get_teacher.php?id= where user-supplied input is not validated, enabling potentially illegal SQL commands and data exposure as described across CVE records (CNVD, RH). The connected...

7.2CVSS7.3AI score0.00909EPSS
Web