Oretnom23

School Fees Management System

7 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-49981

Exploit
  • EPSS 0.74%
  • Veröffentlicht 21.03.2024 02:49:38
  • Zuletzt bearbeitet 05.03.2025 18:24:35

A directory listing vulnerability in School Fees Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization.

8.8

CVE-2023-49982

Exploit
  • EPSS 0.52%
  • Veröffentlicht 21.03.2024 02:49:38
  • Zuletzt bearbeitet 16.04.2025 18:42:28

Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts.

6.8

CVE-2023-49983

Exploit
  • EPSS 0.39%
  • Veröffentlicht 21.03.2024 02:49:38
  • Zuletzt bearbeitet 16.04.2025 18:43:09

A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.

6.1

CVE-2023-49984

Exploit
  • EPSS 0.27%
  • Veröffentlicht 21.03.2024 02:49:38
  • Zuletzt bearbeitet 16.04.2025 18:18:28

A cross-site scripting (XSS) vulnerability in the component /management/settings of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.

6.5

CVE-2023-49985

Exploit
  • EPSS 0.19%
  • Veröffentlicht 21.03.2024 02:49:38
  • Zuletzt bearbeitet 16.04.2025 18:18:51

A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter.

4.7

CVE-2023-49986

Exploit
  • EPSS 0.2%
  • Veröffentlicht 07.03.2024 01:15:51
  • Zuletzt bearbeitet 16.04.2025 18:37:34

A cross-site scripting (XSS) vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.

5.4

CVE-2023-49987

Exploit
  • EPSS 0.26%
  • Veröffentlicht 07.03.2024 01:15:51
  • Zuletzt bearbeitet 16.04.2025 15:38:23

A cross-site scripting (XSS) vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter.