Lucene search
K
Oretnom23School Fees Management System

7 matches found

CVE
CVE
added 2024/03/07 12:0 a.m.68 views

CVE-2023-49987

CVE-2023-49987 affects School Fees Management System v1.0, with a cross-site scripting (XSS) flaw in the /management/term component where a crafted payload placed in the tname parameter can execute arbitrary script/HTML. Root cause: input handling in tname allows script execution. Impact: potenti...

5.4CVSS5.7AI score0.00431EPSS
Web
CVE
CVE
added 2024/03/07 12:0 a.m.58 views

CVE-2023-49986

The CVE-2023-49986 entry describes an XSS vulnerability in School Fees Management System 1.0, specifically in the /admin/parent component where a crafted payload placed in the name parameter can cause arbitrary web scripts/HTML to run. Root cause is unvalidated input in the name field leading to ...

4.7CVSS5.8AI score0.00471EPSS
Web
CVE
CVE
added 2024/03/06 12:0 a.m.44 views

CVE-2023-49985

The CVE-2023-49985 entry concerns a cross-site scripting (XSS) flaw in the School Fees Management System v1.0, specifically in the /management/class component, where an attacker can inject arbitrary web scripts via the cname parameter. The Red Hat/NVD/CNNVD/PRION and related entries confirm the v...

6.5CVSS5.7AI score0.00468EPSS
Web
CVE
CVE
added 2024/03/06 12:0 a.m.42 views

CVE-2023-49983

CVE-2023-49983 is an XSS vulnerability in the School Fees Management System v1.0, affecting the /management/class component. The issue allows an attacker to inject arbitrary web scripts or HTML through the name parameter, with impact described as high confidentiality impact and low integrity/avai...

6.8CVSS5.7AI score0.00574EPSS
Web
CVE
CVE
added 2024/03/06 12:0 a.m.41 views

CVE-2023-49981

The vulnerability CVE-2023-49981 affects School Fees Management System v1.0 and is a directory listing flaw caused by an improper access control/logic that allows unauthenticated users to enumerate directories and sensitive files. The CVSS v3.1 base score is 7.5 (HIGH) with NETWORK attack vector,...

7.5CVSS6.6AI score0.00745EPSS
CVE
CVE
added 2024/03/06 12:0 a.m.34 views

CVE-2023-49984

The CVE-2023-49984 entry affects School Fees Management System v1.0, with an XSS vulnerability in the /management/settings component. The issue allows attackers to inject arbitrary web scripts or HTML via the name parameter, enabling potential script execution. The vulnerability is documented acr...

6.1CVSS5.7AI score0.00483EPSS
Web
CVE
CVE
added 2024/03/06 12:0 a.m.33 views

CVE-2023-49982

CVE-2023-49982 affects School Fees Management System v1.0, specifically the vulnerable component at /admin/management/users. The root cause is broken access control that allows an attacker to escalate privileges and perform administrative actions, including adding and deleting user accounts. The ...

8.8CVSS7AI score0.00842EPSS