School Erp Pro Security Vulnerabilities and Issues — School Erp Pro CVE List

Lucene search

AroxSchool Erp Pro

5 matches found

CVE•added 2022/07/15 12:15 p.m.•52 views

CVE-2022-32118

Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php.

6.1CVSS6AI score0.05018EPSS

CVE•added 2022/07/15 12:15 p.m.•49 views

CVE-2022-32119

Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php.

8.8CVSS8.9AI score0.06279EPSS

CVE•added 2024/05/14 3:45 p.m.•40 views

CVE-2024-4824

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/office_admin/' index in the parameters groups_id, examname, classes_id, es_voucherid, es_class, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server ...

9.8CVSS7.3AI score0.01359EPSS

CVE•added 2024/05/14 3:45 p.m.•36 views

CVE-2024-4823

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/office_admin/' in the parameters es_bankacc, es_bank_name, es_bank_pin, es_checkno, es_teller_number, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and part...

6.5CVSS5.4AI score0.00269EPSS

CVE•added 2024/05/14 3:45 p.m.•34 views

CVE-2024-4822

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session.

6.5CVSS6AI score0.0008EPSS