Campcodes

Complete Web-based School Management System

104 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2024-4648

Exploit
  • EPSS 0.1%
  • Veröffentlicht 08.05.2024 13:15:08
  • Zuletzt bearbeitet 19.02.2025 18:04:02

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /view/student_exam_mark_update_form.php. The manipulation of th...

8.6

CVE-2024-33405

Exploit
  • EPSS 0.12%
  • Veröffentlicht 06.05.2024 18:15:08
  • Zuletzt bearbeitet 25.03.2025 17:20:43

SQL injection vulnerability in add_friends.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the friend_index parameter.

7.3

CVE-2024-33406

Exploit
  • EPSS 0.12%
  • Veröffentlicht 06.05.2024 18:15:08
  • Zuletzt bearbeitet 25.03.2025 17:20:38

SQL injection vulnerability in /model/delete_student_grade_subject.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter.

5.9

CVE-2024-33407

Exploit
  • EPSS 0.07%
  • Veröffentlicht 06.05.2024 18:15:08
  • Zuletzt bearbeitet 25.03.2025 17:20:35

SQL injection vulnerability in /model/delete_record.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.

9.8

CVE-2024-33408

Exploit
  • EPSS 0.19%
  • Veröffentlicht 06.05.2024 18:15:08
  • Zuletzt bearbeitet 25.03.2025 17:20:32

A SQL injection vulnerability in /model/get_classroom.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.

9.8

CVE-2024-33409

Exploit
  • EPSS 0.19%
  • Veröffentlicht 06.05.2024 18:15:08
  • Zuletzt bearbeitet 25.03.2025 17:20:28

SQL injection vulnerability in index.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the name parameter.

8.1

CVE-2024-33410

Exploit
  • EPSS 0.19%
  • Veröffentlicht 06.05.2024 18:15:08
  • Zuletzt bearbeitet 25.03.2025 17:20:24

SQL injection vulnerability in /model/delete_range_grade.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.

9.8

CVE-2024-33411

Exploit
  • EPSS 0.19%
  • Veröffentlicht 06.05.2024 18:15:08
  • Zuletzt bearbeitet 25.03.2025 17:20:15

A SQL injection vulnerability in /model/get_admin_profile.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the my_index parameter.

9.8

CVE-2024-33403

Exploit
  • EPSS 0.18%
  • Veröffentlicht 06.05.2024 18:15:07
  • Zuletzt bearbeitet 25.03.2025 17:20:53

A SQL injection vulnerability in /model/get_events.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the event_id parameter.

8.3

CVE-2024-33404

Exploit
  • EPSS 0.11%
  • Veröffentlicht 06.05.2024 18:15:07
  • Zuletzt bearbeitet 25.03.2025 17:20:48

A SQL injection vulnerability in /model/add_student_first_payment.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter.