104 matches found
CVE-2024-4527
CVE-2024-4527 affects Campcodes Complete Web-Based School Management System v1.0. The vulnerability is a cross-site scripting (XSS) flaw in an unknown function of the file /view/student_payment_details2.php where manipulation of the index argument enables attack execution. The issue can be exploi...
CVE-2024-4907
The CVE-2024-4907 vulnerability affects Campcodes Complete Web-Based School Management System 1.0. It resides in the file /view/show_student2.php and stems from manipulation of the grade parameter, enabling SQL injection. This was described as exploitable remotely and publicly disclosed, with evi...
CVE-2024-33410
CVE-2024-33410 is an SQL injection vulnerability affecting Campcodes Complete Web-Based School Management System 1.0, specifically in /model/delete_range_grade.php via the id parameter. The incident is described across multiple sources (NVD/Red Hat/CNNVD/CVE/CVELIST) with CVSS v3.1 base metrics: ...
CVE-2024-33802
CVE-2024-33802 describes an SQL injection in Campcodes Complete Web-Based School Management System 1.0. The vulnerability affects /model/get_student_subject.php and is exploitable via the index parameter, allowing an attacker to execute arbitrary SQL commands. Exploitation status is not provided ...
CVE-2024-5107
CVE-2024-5107 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability arises from manipulation of the index parameter in the file /view/student_payment_details2.php, enabling SQL injection. It is a remote attack and the exploit has been disclosed publicly. Multiple so...
CVE-2024-5112
The CVE-2024-5112 entry concerns Campcodes Complete Web-Based School Management System 1.0. Affected code path: /view/student_profile.php, where the std_index parameter enables SQL injection. The vulnerability is remote-exploitable and referenced across multiple sources (NVD, Red Hat, CVE List, e...
CVE-2024-4649
CVE-2024-4649 affects Campcodes Complete Web-Based School Management System 1.0, specifically the /view/student_exam_mark_insert_form1.php file. The issue arises from manipulation of the page parameter, enabling cross-site scripting (XSS) and enabling remote exploitation. The vulnerability has be...
CVE-2024-5113
CVE-2024-5113 affects Campcodes Complete Web-Based School Management System 1.0. A SQL injection vulnerability exists in /view/student_profile1.php via the std_index parameter, reportet remotely with publicly disclosed exploit details. Multiple sources classify the issue as critical/medium depend...
CVE-2024-4516
CVE-2024-4516 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting issue in the /view/timetable.php file, caused by tampering with the grade parameter. The issue is exploitable remotely and has had its exploit disclosed publicly. Documents...
CVE-2024-33408
CVE-2024-33408 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a SQL injection in the /model/get_classroom.php endpoint, exploitable via the id parameter, enabling an attacker to execute arbitrary SQL commands. The Red Hat, NVD, and CVE listings in the conn...
CVE-2024-33800
CVE-2024-33800 affects Campcodes Complete Web-Based School Management System v1.0. A SQL injection is possible in the /model/get_student1.php endpoint, via the index parameter, enabling an attacker to execute arbitrary SQL commands. The vulnerability is documented across multiple sources (NVD/Red...
CVE-2024-33807
CVE-2024-33807 : A SQL injection flaw in Campcodes’ Complete Web-Based School Management System v1.0 affects the endpoint /model/get_teacher_timetable.php. The vulnerability allows an attacker to inject arbitrary SQL through the grade parameter. Public sources in the connected documents consisten...
CVE-2024-33404
CVE-2024-33404 describes a SQL injection in campcodes Complete Web-Based School Management System 1.0, via the index parameter in /model/add_student_first_payment.php. The vulnerability affects the web app’s ability to execute arbitrary SQL commands, with a CVSS 3.1 base score of 8.3 (HIGH) and i...
CVE-2024-33406
CVE-2024-33406 affects Campcodes Complete Web-Based School Management System 1.0. A SQL injection flaw exists in the /model/delete_student_grade_subject.php endpoint, exploitable via the index parameter to execute arbitrary SQL commands. The vulnerability originates from improper handling of user...
CVE-2024-33806
CVE-2024-33806 affects campcodes Complete Web-Based School Management System 1.0. The vulnerability is in the /model/get_grade.php endpoint, where the id parameter enables a SQL injection. The underlying root cause is improper input handling, allowing an attacker to execute arbitrary SQL commands...
CVE-2024-33808
CVE-2024-33808 describes a SQL injection vulnerability in Campcodes Complete Web-Based School Management System 1.0, exploitable via the id parameter of /model/get_timetable.php. The root cause is improper handling of input in the timetable retrieval endpoint, allowing arbitrary SQL execution. Th...
CVE-2024-4524
CVE-2024-4524 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting in the /view/student_payment_invoice.php file via manipulation of the desc parameter. It is exploitable remotely and an exploit has been disclosed publicly. The available d...
CVE-2024-33799
CVE-2024-33799 affects Campcodes Complete Web-Based School Management System 1.0, via the /model/get_teacher.php endpoint where the id parameter is used unsafely. The root cause is a SQL injection that allows an attacker to execute arbitrary SQL commands, enabling potentially complete compromise ...
CVE-2024-33804
CVE-2024-33804 affects campcodes Complete Web-Based School Management System 1.0. The vulnerability is a SQL injection in /model/get_subject.php through the id parameter, allowing a attacker to execute arbitrary SQL commands. Publicly available sources in the connected set consistently describe t...
CVE-2024-4646
CVE-2024-4646 affects Campcodes Complete Web-Based School Management System version 1.0, specifically the /view/student_payment_details.php file. The vulnerability is a cross-site scripting (XSS) flaw caused by manipulation of the index parameter, allowing remote attack. Exploitation has been pub...
CVE-2024-4651
The CVE-2024-4651 entry concerns Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the year parameter of /view/student_attendance_history1.php, arising from how the input is processed. This could allow remote attackers to execute arbitr...
CVE-2024-4515
CVE-2024-4515 concerns Campcodes Complete Web-Based School Management System 1.0. The issue is a cross-site scripting vulnerability in the unknown functionality of the file /view/timetable_grade_wise.php, triggered by manipulating the grade parameter. The attack can be launched remotely and the e...
CVE-2024-4906
CVE-2024-4906 affects Campcodes Complete Web-Based School Management System 1.0. A SQL injection vulnerability exists in the /view/show_student1.php file via the grade parameter, enabling remote exploitation. Exploit has been disclosed publicly; no remediation details are provided in the connecte...
CVE-2024-5111
The CVE-2024-5111 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability arises from SQL injection in an unknown part of the file /view/student_payment_invoice1.php, triggered by manipulating the date argument. It is exploitable remotely and the exploit has been disc...
CVE-2024-4909
CVE-2024-4909 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is an SQL injection in the unknown function handling the parameter due_year of the file /view/student_due_payment.php. Exploitation can be performed remotely, and the vulnerability has been publicly...
CVE-2024-4910
The CVE-2024-4910 issue affects Campcodes Complete Web-Based School Management System 1.0. Affects an unknown functionality in the file /view/student_exam_mark_insert_form1.php, where manipulating the grade parameter enables SQL injection. The vulnerability can be exploited remotely and has been ...
CVE-2024-4911
CVE-2024-4911 affects Campcodes Complete Web-Based School Management System v1.0. The vulnerability is in /view/student_exam_mark_update_form.php where manipulation of the exam parameter enables SQL injection, admitting remote exploitation. Multiple connected sources confirm the issue without det...
CVE-2024-4718
CVE-2024-4718 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerable component is an unknown function in /model/delete_student_grade_subject.php, where manipulation of the index parameter enables cross-site scripting. Exploitation can be performed remotely, and public d...
CVE-2024-4678
Campcodes Complete Web-Based School Management System 1.0 contains a cross-site scripting vulnerability in the /view/find_friends.php page. The my_type parameter can be manipulated to trigger XSS, with remote exploitation indicated and public disclosure of the exploit. Connected sources consisten...
CVE-2024-5108
CVE-2024-5108 affects Campcodes Complete Web-Based School Management System version 1.0. Affected is an unknown function in /view/student_payment_details4.php where manipulation of the index parameter causes SQL injection. The vulnerability can be exploited remotely; the exploit has been disclose...
CVE-2024-4713
CVE-2024-4713 impacts Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the /view/all_teacher.php page, triggered by manipulating the page parameter. Exploitation can be carried out remotely, and public disclosure of the exploit is note...
CVE-2024-4722
The CVE-2024-4722 affects Campcodes Complete Web-Based School Management System 1.0, specifically the index.php file where manipulating the category argument triggers cross-site scripting. The vulnerability can be exploited remotely and public details exist about it. Multiple sources corroborate ...
CVE-2024-4716
CVE-2024-4716 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the name parameter of the /model/update_exam.php page. Exploitation can be performed remotely, and multiple sources confirm the vulnerability and public disclosure ...
CVE-2024-4719
CVE-2024-4719 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the /model/delete_record.php page triggered by manipulating the page parameter, allowing remote exploitation. The exploit has been disclosed publicly (VDB-263797). ...
CVE-2024-4721
CVE-2024-4721 affects Campcodes Complete Web-Based School Management System 1.0, impacting an unknown part of /model/add_student_subject.php where manipulation of the index parameter enables cross-site scripting. The vulnerability can be triggered remotely and has been disclosed publicly. Connect...
CVE-2024-4717
CVE-2024-4717 affects Campcodes Complete Web-Based School Management System 1.0. A cross-site scripting vulnerability arises from manipulating the name parameter in /model/update_classroom.php, exploitable remotely. The issue is triggered by improper handling of the argument name, enabling user-c...
CVE-2024-33805
The CVE-2024-33805 issue affects Campcodes Complete Web-Based School Management System 1.0, specifically the /model/get_student.php endpoint. A SQL injection via the id parameter is used to execute arbitrary SQL commands, enabling high-severity impact on confidentiality, integrity, and availabili...
CVE-2024-33801
Affects: Campcodes Complete Web-Based School Management System v1.0. Vulnerable component: /model/get_subject_routing.php. Root cause: SQL injection via the id parameter that allows arbitrary SQL execution. Impact (per sources): high confidentiality, integrity, and availability implications; over...
CVE-2024-4682
CVE-2024-4682 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the unknown functionality of /view/exam_timetable_update_form.php, triggered by manipulating the exam parameter. It can be exploited remotely and is publicly disclo...
CVE-2024-4685
The CVE-2024-4685 entry concerns Campcodes Complete Web-Based School Management System 1.0. A cross-site scripting vulnerability arises from manipulating the exam parameter in /view/exam_timetable.php. It can be exploited remotely, and public exploits are reported. Affected products/versions are ...
CVE-2024-4714
The CVE-2024-4714 issue affects Campcodes Complete Web-Based School Management System 1.0, with a cross-site scripting flaw in the /model/update_subject.php page. The vulnerability arises from manipulation of the name parameter, allowingXSS that can be triggered remotely. Documents consistently i...
CVE-2024-4715
CVE-2024-4715 : Campcodes Complete Web-Based School Management System 1.0 contains a cross-site scripting (XSS) vulnerability in the /model/update_grade.php page. The issue arises from manipulation of the name argument, enabling remote exploitation. Public disclosures exist (VDB-263793), with mul...
CVE-2024-4677
CVE-2024-4677 affects Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/my_student_exam_marks1.php where manipulating the year parameter triggers cross-site scripting. The vulnerability can be exploited remotely, and the exploit has been ...
CVE-2024-4720
CVE-2024-4720 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerable component is the script at /model/approve_petty_cash.php, where manipulating the admin_index parameter enables cross-site scripting (XSS). Attacks may be launched remotely, and public exploits are repo...
CVE-2024-4676
The vulnerability CVE-2024-4676 affects Campcodes Complete Web-Based School Management System 1.0. The issue is a cross-site scripting (XSS) flaw arising from manipulation of the count argument in the /view/range_grade_text.php endpoint. Attack vector is remote and public exploit appears to have ...
CVE-2024-4683
CVE-2024-4683 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the /view/exam_timetable_insert_form.php page, triggered by manipulating the exam parameter. It is described as exploitable remotely and the exploit has been disclo...
CVE-2024-4684
Campcodes Complete Web-Based School Management System 1.0 is affected by a cross-site scripting vulnerability in the /view/exam_timetable_grade_wise.php page, caused by improper handling of the exam parameter. The vulnerability allows remote exploitation and is supported by multiple sources (e.g....
CVE-2024-4672
The CVE-2024-4672 entry describes a cross-site scripting vulnerability in Campcodes Complete Web-Based School Management System 1.0, affecting the file /view/show_student_subject.php. The vulnerability is triggered by manipulating the id parameter, enabling a remote attacker to exploit XSS. Publi...
CVE-2024-4686
CVE-2024-4686 affects Campcodes Complete Web-Based School Management System 1.0. The issue is a cross-site scripting vulnerability in the grade parameter of the /view/emarks_range_grade_update_form.php script. The flaws arise from manipulation of the grade argument and may be exploited remotely; ...
CVE-2024-4687
CVE-2024-4687 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in an unknown function of the file /view/create_events.php, triggered by manipulating the my_index argument. It can be exploited remotely and the exploit has been disc...