Lucene search
K
CampcodesComplete Web-based School Management System

104 matches found

CVE
CVE
added 2024/05/06 6:0 a.m.59 views

CVE-2024-4527

CVE-2024-4527 affects Campcodes Complete Web-Based School Management System v1.0. The vulnerability is a cross-site scripting (XSS) flaw in an unknown function of the file /view/student_payment_details2.php where manipulation of the index argument enables attack execution. The issue can be exploi...

6.1CVSS6.2AI score0.0056EPSS
Web
CVE
CVE
added 2024/05/15 6:31 p.m.58 views

CVE-2024-4907

The CVE-2024-4907 vulnerability affects Campcodes Complete Web-Based School Management System 1.0. It resides in the file /view/show_student2.php and stems from manipulation of the grade parameter, enabling SQL injection. This was described as exploitable remotely and publicly disclosed, with evi...

6.5CVSS7.5AI score0.00407EPSS
Web
CVE
CVE
added 2024/05/06 12:0 a.m.57 views

CVE-2024-33410

CVE-2024-33410 is an SQL injection vulnerability affecting Campcodes Complete Web-Based School Management System 1.0, specifically in /model/delete_range_grade.php via the id parameter. The incident is described across multiple sources (NVD/Red Hat/CNNVD/CVE/CVELIST) with CVSS v3.1 base metrics: ...

8.1CVSS8.5AI score0.00641EPSS
Web
CVE
CVE
added 2024/05/28 3:49 p.m.57 views

CVE-2024-33802

CVE-2024-33802 describes an SQL injection in Campcodes Complete Web-Based School Management System 1.0. The vulnerability affects /model/get_student_subject.php and is exploitable via the index parameter, allowing an attacker to execute arbitrary SQL commands. Exploitation status is not provided ...

6.5CVSS8.9AI score0.00426EPSS
Web
CVE
CVE
added 2024/05/19 11:31 p.m.57 views

CVE-2024-5107

CVE-2024-5107 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability arises from manipulation of the index parameter in the file /view/student_payment_details2.php, enabling SQL injection. It is a remote attack and the exploit has been disclosed publicly. Multiple so...

6.5CVSS7.3AI score0.00407EPSS
Web
CVE
CVE
added 2024/05/20 2:0 a.m.57 views

CVE-2024-5112

The CVE-2024-5112 entry concerns Campcodes Complete Web-Based School Management System 1.0. Affected code path: /view/student_profile.php, where the std_index parameter enables SQL injection. The vulnerability is remote-exploitable and referenced across multiple sources (NVD, Red Hat, CVE List, e...

6.5CVSS7.5AI score0.00488EPSS
Web
CVE
CVE
added 2024/05/08 1:31 p.m.56 views

CVE-2024-4649

CVE-2024-4649 affects Campcodes Complete Web-Based School Management System 1.0, specifically the /view/student_exam_mark_insert_form1.php file. The issue arises from manipulation of the page parameter, enabling cross-site scripting (XSS) and enabling remote exploitation. The vulnerability has be...

6.1CVSS6.2AI score0.00431EPSS
Web
CVE
CVE
added 2024/05/20 2:31 a.m.55 views

CVE-2024-5113

CVE-2024-5113 affects Campcodes Complete Web-Based School Management System 1.0. A SQL injection vulnerability exists in /view/student_profile1.php via the std_index parameter, reportet remotely with publicly disclosed exploit details. Multiple sources classify the issue as critical/medium depend...

6.5CVSS7.3AI score0.00488EPSS
Web
CVE
CVE
added 2024/05/06 2:31 a.m.54 views

CVE-2024-4516

CVE-2024-4516 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting issue in the /view/timetable.php file, caused by tampering with the grade parameter. The issue is exploitable remotely and has had its exploit disclosed publicly. Documents...

6.1CVSS6.2AI score0.00614EPSS
Web
CVE
CVE
added 2024/05/06 12:0 a.m.53 views

CVE-2024-33408

CVE-2024-33408 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a SQL injection in the /model/get_classroom.php endpoint, exploitable via the id parameter, enabling an attacker to execute arbitrary SQL commands. The Red Hat, NVD, and CVE listings in the conn...

9.8CVSS8.5AI score0.00713EPSS
Web
CVE
CVE
added 2024/05/28 3:47 p.m.53 views

CVE-2024-33800

CVE-2024-33800 affects Campcodes Complete Web-Based School Management System v1.0. A SQL injection is possible in the /model/get_student1.php endpoint, via the index parameter, enabling an attacker to execute arbitrary SQL commands. The vulnerability is documented across multiple sources (NVD/Red...

9.8CVSS8.9AI score0.0051EPSS
Web
CVE
CVE
added 2024/05/28 3:51 p.m.53 views

CVE-2024-33807

CVE-2024-33807 : A SQL injection flaw in Campcodes’ Complete Web-Based School Management System v1.0 affects the endpoint /model/get_teacher_timetable.php. The vulnerability allows an attacker to inject arbitrary SQL through the grade parameter. Public sources in the connected documents consisten...

5.4CVSS8.9AI score0.00286EPSS
Web
CVE
CVE
added 2024/05/06 12:0 a.m.52 views

CVE-2024-33404

CVE-2024-33404 describes a SQL injection in campcodes Complete Web-Based School Management System 1.0, via the index parameter in /model/add_student_first_payment.php. The vulnerability affects the web app’s ability to execute arbitrary SQL commands, with a CVSS 3.1 base score of 8.3 (HIGH) and i...

8.3CVSS8.5AI score0.00559EPSS
Web
CVE
CVE
added 2024/05/06 12:0 a.m.52 views

CVE-2024-33406

CVE-2024-33406 affects Campcodes Complete Web-Based School Management System 1.0. A SQL injection flaw exists in the /model/delete_student_grade_subject.php endpoint, exploitable via the index parameter to execute arbitrary SQL commands. The vulnerability originates from improper handling of user...

7.3CVSS8.5AI score0.00434EPSS
Web
CVE
CVE
added 2024/05/28 3:51 p.m.52 views

CVE-2024-33806

CVE-2024-33806 affects campcodes Complete Web-Based School Management System 1.0. The vulnerability is in the /model/get_grade.php endpoint, where the id parameter enables a SQL injection. The underlying root cause is improper input handling, allowing an attacker to execute arbitrary SQL commands...

9.8CVSS8.9AI score0.0051EPSS
Web
CVE
CVE
added 2024/05/28 3:52 p.m.52 views

CVE-2024-33808

CVE-2024-33808 describes a SQL injection vulnerability in Campcodes Complete Web-Based School Management System 1.0, exploitable via the id parameter of /model/get_timetable.php. The root cause is improper handling of input in the timetable retrieval endpoint, allowing arbitrary SQL execution. Th...

9.8CVSS8.9AI score0.0051EPSS
Web
CVE
CVE
added 2024/05/06 5:31 a.m.52 views

CVE-2024-4524

CVE-2024-4524 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting in the /view/student_payment_invoice.php file via manipulation of the desc parameter. It is exploitable remotely and an exploit has been disclosed publicly. The available d...

6.1CVSS6.2AI score0.00582EPSS
Web
CVE
CVE
added 2024/05/28 3:46 p.m.51 views

CVE-2024-33799

CVE-2024-33799 affects Campcodes Complete Web-Based School Management System 1.0, via the /model/get_teacher.php endpoint where the id parameter is used unsafely. The root cause is a SQL injection that allows an attacker to execute arbitrary SQL commands, enabling potentially complete compromise ...

9.8CVSS8.9AI score0.0051EPSS
Web
CVE
CVE
added 2024/05/28 3:50 p.m.51 views

CVE-2024-33804

CVE-2024-33804 affects campcodes Complete Web-Based School Management System 1.0. The vulnerability is a SQL injection in /model/get_subject.php through the id parameter, allowing a attacker to execute arbitrary SQL commands. Publicly available sources in the connected set consistently describe t...

6.3CVSS8.9AI score0.00297EPSS
Web
CVE
CVE
added 2024/05/08 12:31 p.m.51 views

CVE-2024-4646

CVE-2024-4646 affects Campcodes Complete Web-Based School Management System version 1.0, specifically the /view/student_payment_details.php file. The vulnerability is a cross-site scripting (XSS) flaw caused by manipulation of the index parameter, allowing remote attack. Exploitation has been pub...

6.1CVSS6.2AI score0.00464EPSS
Web
CVE
CVE
added 2024/05/08 2:0 p.m.51 views

CVE-2024-4651

The CVE-2024-4651 entry concerns Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the year parameter of /view/student_attendance_history1.php, arising from how the input is processed. This could allow remote attackers to execute arbitr...

6.1CVSS6.2AI score0.00481EPSS
Web
CVE
CVE
added 2024/05/06 2:0 a.m.50 views

CVE-2024-4515

CVE-2024-4515 concerns Campcodes Complete Web-Based School Management System 1.0. The issue is a cross-site scripting vulnerability in the unknown functionality of the file /view/timetable_grade_wise.php, triggered by manipulating the grade parameter. The attack can be launched remotely and the e...

6.1CVSS6.2AI score0.0059EPSS
Web
CVE
CVE
added 2024/05/15 6:31 p.m.50 views

CVE-2024-4906

CVE-2024-4906 affects Campcodes Complete Web-Based School Management System 1.0. A SQL injection vulnerability exists in the /view/show_student1.php file via the grade parameter, enabling remote exploitation. Exploit has been disclosed publicly; no remediation details are provided in the connecte...

7.5CVSS7.3AI score0.00423EPSS
Web
CVE
CVE
added 2024/05/20 1:31 a.m.50 views

CVE-2024-5111

The CVE-2024-5111 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability arises from SQL injection in an unknown part of the file /view/student_payment_invoice1.php, triggered by manipulating the date argument. It is exploitable remotely and the exploit has been disc...

6.5CVSS7.3AI score0.0044EPSS
Web
CVE
CVE
added 2024/05/15 7:0 p.m.46 views

CVE-2024-4909

CVE-2024-4909 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is an SQL injection in the unknown function handling the parameter due_year of the file /view/student_due_payment.php. Exploitation can be performed remotely, and the vulnerability has been publicly...

6.5CVSS7.3AI score0.00407EPSS
Web
CVE
CVE
added 2024/05/15 8:0 p.m.46 views

CVE-2024-4910

The CVE-2024-4910 issue affects Campcodes Complete Web-Based School Management System 1.0. Affects an unknown functionality in the file /view/student_exam_mark_insert_form1.php, where manipulating the grade parameter enables SQL injection. The vulnerability can be exploited remotely and has been ...

6.5CVSS7.3AI score0.00407EPSS
Web
CVE
CVE
added 2024/05/15 8:31 p.m.45 views

CVE-2024-4911

CVE-2024-4911 affects Campcodes Complete Web-Based School Management System v1.0. The vulnerability is in /view/student_exam_mark_update_form.php where manipulation of the exam parameter enables SQL injection, admitting remote exploitation. Multiple connected sources confirm the issue without det...

6.5CVSS7.3AI score0.00407EPSS
Web
CVE
CVE
added 2024/05/10 2:31 p.m.42 views

CVE-2024-4718

CVE-2024-4718 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerable component is an unknown function in /model/delete_student_grade_subject.php, where manipulation of the index parameter enables cross-site scripting. Exploitation can be performed remotely, and public d...

6.1CVSS6.2AI score0.00635EPSS
Web
CVE
CVE
added 2024/05/09 2:31 p.m.39 views

CVE-2024-4678

Campcodes Complete Web-Based School Management System 1.0 contains a cross-site scripting vulnerability in the /view/find_friends.php page. The my_type parameter can be manipulated to trigger XSS, with remote exploitation indicated and public disclosure of the exploit. Connected sources consisten...

6.1CVSS6.2AI score0.0066EPSS
Web
CVE
CVE
added 2024/05/20 12:0 a.m.39 views

CVE-2024-5108

CVE-2024-5108 affects Campcodes Complete Web-Based School Management System version 1.0. Affected is an unknown function in /view/student_payment_details4.php where manipulation of the index parameter causes SQL injection. The vulnerability can be exploited remotely; the exploit has been disclose...

6.5CVSS7.3AI score0.00407EPSS
Web
CVE
CVE
added 2024/05/10 10:0 a.m.37 views

CVE-2024-4713

CVE-2024-4713 impacts Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the /view/all_teacher.php page, triggered by manipulating the page parameter. Exploitation can be carried out remotely, and public disclosure of the exploit is note...

6.1CVSS6.2AI score0.00635EPSS
Web
CVE
CVE
added 2024/05/10 4:0 p.m.37 views

CVE-2024-4722

The CVE-2024-4722 affects Campcodes Complete Web-Based School Management System 1.0, specifically the index.php file where manipulating the category argument triggers cross-site scripting. The vulnerability can be exploited remotely and public details exist about it. Multiple sources corroborate ...

6.1CVSS6.3AI score0.00635EPSS
CVE
CVE
added 2024/05/10 1:0 p.m.36 views

CVE-2024-4716

CVE-2024-4716 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the name parameter of the /model/update_exam.php page. Exploitation can be performed remotely, and multiple sources confirm the vulnerability and public disclosure ...

6.1CVSS6.3AI score0.00635EPSS
Web
CVE
CVE
added 2024/05/10 3:0 p.m.36 views

CVE-2024-4719

CVE-2024-4719 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the /model/delete_record.php page triggered by manipulating the page parameter, allowing remote exploitation. The exploit has been disclosed publicly (VDB-263797). ...

6.1CVSS6.2AI score0.00635EPSS
Web
CVE
CVE
added 2024/05/10 3:31 p.m.36 views

CVE-2024-4721

CVE-2024-4721 affects Campcodes Complete Web-Based School Management System 1.0, impacting an unknown part of /model/add_student_subject.php where manipulation of the index parameter enables cross-site scripting. The vulnerability can be triggered remotely and has been disclosed publicly. Connect...

5.4CVSS6.2AI score0.0061EPSS
Web
CVE
CVE
added 2024/05/10 2:0 p.m.35 views

CVE-2024-4717

CVE-2024-4717 affects Campcodes Complete Web-Based School Management System 1.0. A cross-site scripting vulnerability arises from manipulating the name parameter in /model/update_classroom.php, exploitable remotely. The issue is triggered by improper handling of the argument name, enabling user-c...

6.1CVSS6.2AI score0.0066EPSS
Web
CVE
CVE
added 2024/05/28 3:50 p.m.34 views

CVE-2024-33805

The CVE-2024-33805 issue affects Campcodes Complete Web-Based School Management System 1.0, specifically the /model/get_student.php endpoint. A SQL injection via the id parameter is used to execute arbitrary SQL commands, enabling high-severity impact on confidentiality, integrity, and availabili...

9.8CVSS8.5AI score0.0051EPSS
Web
CVE
CVE
added 2024/05/28 3:48 p.m.33 views

CVE-2024-33801

Affects: Campcodes Complete Web-Based School Management System v1.0. Vulnerable component: /model/get_subject_routing.php. Root cause: SQL injection via the id parameter that allows arbitrary SQL execution. Impact (per sources): high confidentiality, integrity, and availability implications; over...

9.8CVSS8.5AI score0.0051EPSS
Web
CVE
CVE
added 2024/05/09 5:31 p.m.33 views

CVE-2024-4682

CVE-2024-4682 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the unknown functionality of /view/exam_timetable_update_form.php, triggered by manipulating the exam parameter. It can be exploited remotely and is publicly disclo...

6.1CVSS6.2AI score0.0066EPSS
Web
CVE
CVE
added 2024/05/09 8:0 p.m.33 views

CVE-2024-4685

The CVE-2024-4685 entry concerns Campcodes Complete Web-Based School Management System 1.0. A cross-site scripting vulnerability arises from manipulating the exam parameter in /view/exam_timetable.php. It can be exploited remotely, and public exploits are reported. Affected products/versions are ...

6.1CVSS6.3AI score0.00537EPSS
Web
CVE
CVE
added 2024/05/10 11:0 a.m.32 views

CVE-2024-4714

The CVE-2024-4714 issue affects Campcodes Complete Web-Based School Management System 1.0, with a cross-site scripting flaw in the /model/update_subject.php page. The vulnerability arises from manipulation of the name parameter, allowingXSS that can be triggered remotely. Documents consistently i...

6.1CVSS6.2AI score0.00632EPSS
Web
CVE
CVE
added 2024/05/10 12:0 p.m.32 views

CVE-2024-4715

CVE-2024-4715 : Campcodes Complete Web-Based School Management System 1.0 contains a cross-site scripting (XSS) vulnerability in the /model/update_grade.php page. The issue arises from manipulation of the name argument, enabling remote exploitation. Public disclosures exist (VDB-263793), with mul...

6.1CVSS6.2AI score0.00635EPSS
Web
CVE
CVE
added 2024/05/09 1:31 p.m.31 views

CVE-2024-4677

CVE-2024-4677 affects Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/my_student_exam_marks1.php where manipulating the year parameter triggers cross-site scripting. The vulnerability can be exploited remotely, and the exploit has been ...

6.1CVSS6.2AI score0.00635EPSS
Web
CVE
CVE
added 2024/05/10 3:0 p.m.31 views

CVE-2024-4720

CVE-2024-4720 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerable component is the script at /model/approve_petty_cash.php, where manipulating the admin_index parameter enables cross-site scripting (XSS). Attacks may be launched remotely, and public exploits are repo...

6.1CVSS6.2AI score0.00657EPSS
Web
CVE
CVE
added 2024/05/09 1:0 p.m.29 views

CVE-2024-4676

The vulnerability CVE-2024-4676 affects Campcodes Complete Web-Based School Management System 1.0. The issue is a cross-site scripting (XSS) flaw arising from manipulation of the count argument in the /view/range_grade_text.php endpoint. Attack vector is remote and public exploit appears to have ...

6.1CVSS6.2AI score0.00635EPSS
CVE
CVE
added 2024/05/09 6:31 p.m.29 views

CVE-2024-4683

CVE-2024-4683 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the /view/exam_timetable_insert_form.php page, triggered by manipulating the exam parameter. It is described as exploitable remotely and the exploit has been disclo...

6.1CVSS6.2AI score0.0066EPSS
Web
CVE
CVE
added 2024/05/09 7:31 p.m.29 views

CVE-2024-4684

Campcodes Complete Web-Based School Management System 1.0 is affected by a cross-site scripting vulnerability in the /view/exam_timetable_grade_wise.php page, caused by improper handling of the exam parameter. The vulnerability allows remote exploitation and is supported by multiple sources (e.g....

6.1CVSS6.2AI score0.0066EPSS
Web
CVE
CVE
added 2024/05/09 3:52 a.m.28 views

CVE-2024-4672

The CVE-2024-4672 entry describes a cross-site scripting vulnerability in Campcodes Complete Web-Based School Management System 1.0, affecting the file /view/show_student_subject.php. The vulnerability is triggered by manipulating the id parameter, enabling a remote attacker to exploit XSS. Publi...

6.1CVSS6.2AI score0.00679EPSS
Web
CVE
CVE
added 2024/05/09 8:31 p.m.28 views

CVE-2024-4686

CVE-2024-4686 affects Campcodes Complete Web-Based School Management System 1.0. The issue is a cross-site scripting vulnerability in the grade parameter of the /view/emarks_range_grade_update_form.php script. The flaws arise from manipulation of the grade argument and may be exploited remotely; ...

6.1CVSS6.2AI score0.00516EPSS
Web
CVE
CVE
added 2024/05/09 9:0 p.m.28 views

CVE-2024-4687

CVE-2024-4687 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in an unknown function of the file /view/create_events.php, triggered by manipulating the my_index argument. It can be exploited remotely and the exploit has been disc...

6.1CVSS6.2AI score0.00516EPSS
Web
Total number of security vulnerabilities104