Simple School Management System@1.0 Security Vulnerabilities and Issues — Simple School Management System@1.0 CVE List

Lucene search

Code-projectsSimple School Management System1.0

10 matches found

CVE•added 2024/02/09 1:15 p.m.•82 views

CVE-2024-25304

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."

8.8CVSS9.1AI score0.00176EPSS

CVE•added 2024/02/09 1:15 p.m.•78 views

CVE-2024-25305

Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php.

8.8CVSS8.7AI score0.00067EPSS

CVE•added 2024/02/09 1:15 p.m.•73 views

CVE-2024-25309

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php.

8.8CVSS9.1AI score0.00176EPSS

CVE•added 2024/02/09 2:15 p.m.•66 views

CVE-2024-25310

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."

8.8CVSS9.1AI score0.00176EPSS

CVE•added 2024/04/25 10:15 p.m.•59 views

CVE-2024-31609

Cross Site Scripting (XSS) vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration.

7.1CVSS6.2AI score0.0005EPSS

CVE•added 2024/04/25 10:15 p.m.•48 views

CVE-2024-31610

File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file.

6.3CVSS7.3AI score0.00147EPSS

CVE•added 2024/02/09 1:15 p.m.•38 views

CVE-2024-25313

Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.

8.8CVSS8.7AI score0.00037EPSS

CVE•added 2024/02/09 1:15 p.m.•37 views

CVE-2024-25312

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5."

8.8CVSS9.1AI score0.00176EPSS

CVE•added 2024/02/09 1:15 p.m.•23 views

CVE-2024-25308

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php.

8.8CVSS9.1AI score0.00176EPSS

CVE•added 2024/02/09 1:15 p.m.•22 views

CVE-2024-25306

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php".

8.8CVSS9.1AI score0.00176EPSS