Responsive School Management System Security Vulnerabilities and Issues — Responsive School Management System CVE List

Lucene search

LopalopaResponsive School Management System

17 matches found

CVE•added 2024/08/07 4:15 p.m.•97 views

CVE-2024-41248

An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry.

7.5CVSS7.2AI score0.00225EPSS

CVE•added 2024/08/07 5:15 p.m.•50 views

CVE-2024-41250

An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details.

5.3CVSS6.8AI score0.00178EPSS

CVE•added 2024/08/07 7:15 p.m.•47 views

CVE-2024-41239

A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field.

5.9CVSS5.6AI score0.00148EPSS

CVE•added 2024/08/08 4:15 p.m.•45 views

CVE-2024-41238

A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.

5.3CVSS8.5AI score0.00069EPSS

CVE•added 2024/08/28 6:15 p.m.•44 views

CVE-2024-41236

A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page

7.2CVSS8.6AI score0.00117EPSS

CVE•added 2024/08/07 5:15 p.m.•41 views

CVE-2024-41245

An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details.

7.5CVSS7.1AI score0.00214EPSS

CVE•added 2024/08/07 5:15 p.m.•40 views

CVE-2024-41244

An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details.

7.5CVSS7.1AI score0.00214EPSS

CVE•added 2024/08/07 7:15 p.m.•39 views

CVE-2024-41237

A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.

9.8CVSS8.8AI score0.00123EPSS

CVE•added 2024/08/07 4:15 p.m.•36 views

CVE-2024-41251

An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration.

6.5CVSS7.2AI score0.00168EPSS

CVE•added 2024/08/07 6:15 p.m.•32 views

CVE-2024-41242

A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.

6.1CVSS6.6AI score0.00142EPSS

CVE•added 2024/08/07 5:15 p.m.•25 views

CVE-2024-41243

An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details.

5.3CVSS6.8AI score0.00178EPSS

CVE•added 2024/08/07 4:15 p.m.•24 views

CVE-2024-41249

An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details.

7.5CVSS7.1AI score0.00214EPSS

CVE•added 2024/08/07 4:15 p.m.•23 views

CVE-2024-41246

An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard.

5.3CVSS7.1AI score0.00178EPSS

CVE•added 2024/08/07 4:15 p.m.•21 views

CVE-2024-41252

An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve student registration.

6.5CVSS7.2AI score0.00178EPSS

CVE•added 2024/08/07 4:15 p.m.•18 views

CVE-2024-41247

An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry.

9.1CVSS7.2AI score0.00212EPSS

CVE•added 2024/08/07 6:15 p.m.•17 views

CVE-2024-41241

A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.

6.1CVSS6.6AI score0.00148EPSS

CVE•added 2024/08/07 6:15 p.m.•16 views

CVE-2024-41240

A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.

6.3CVSS6.3AI score0.00157EPSS