School Erp Pro@* Security Vulnerabilities and Issues — School Erp Pro@* CVE List

Lucene search

AroxSchool Erp Pro*

3 matches found

CVE•added 2024/05/14 3:45 p.m.•40 views

CVE-2024-4824

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/office_admin/' index in the parameters groups_id, examname, classes_id, es_voucherid, es_class, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server ...

9.8CVSS7.3AI score0.01359EPSS

CVE•added 2024/05/14 3:45 p.m.•36 views

CVE-2024-4823

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/office_admin/' in the parameters es_bankacc, es_bank_name, es_bank_pin, es_checkno, es_teller_number, dc1 and dc2. An attacker could send a specially crafted JavaScript payload to an authenticated user and part...

6.5CVSS5.4AI score0.00269EPSS

CVE•added 2024/05/14 3:45 p.m.•34 views

CVE-2024-4822

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. This vulnerability allows an attacker to partially take control of the victim's browser session.

6.5CVSS6AI score0.0008EPSS