Code-projects

Simple School Management System

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2024-31609

Exploit
  • EPSS 0.07%
  • Published 25.04.2024 22:15:08
  • Last modified 18.04.2025 18:42:24

Cross Site Scripting (XSS) vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration.

6.3

CVE-2024-31610

Exploit
  • EPSS 0.2%
  • Published 25.04.2024 22:15:08
  • Last modified 04.04.2025 14:39:00

File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file.

8.8

CVE-2024-25310

Exploit
  • EPSS 0.18%
  • Published 09.02.2024 14:15:08
  • Last modified 21.11.2024 09:00:37

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."

8.8

CVE-2024-25306

Exploit
  • EPSS 0.18%
  • Published 09.02.2024 13:15:42
  • Last modified 21.11.2024 09:00:36

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php".

8.8

CVE-2024-25308

Exploit
  • EPSS 0.18%
  • Published 09.02.2024 13:15:42
  • Last modified 12.06.2025 15:15:37

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php.

8.8

CVE-2024-25309

Exploit
  • EPSS 0.18%
  • Published 09.02.2024 13:15:42
  • Last modified 17.06.2025 20:15:30

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php.

8.8

CVE-2024-25312

Exploit
  • EPSS 0.18%
  • Published 09.02.2024 13:15:42
  • Last modified 21.11.2024 09:00:37

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5."

8.8

CVE-2024-25313

Exploit
  • EPSS 0.04%
  • Published 09.02.2024 13:15:42
  • Last modified 21.11.2024 09:00:37

Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.

8.8

CVE-2024-25304

Exploit
  • EPSS 0.18%
  • Published 09.02.2024 13:15:41
  • Last modified 15.05.2025 20:15:48

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."

8.8

CVE-2024-25305

Exploit
  • EPSS 0.07%
  • Published 09.02.2024 13:15:41
  • Last modified 15.05.2025 20:15:48

Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php.