Lopalopa

Responsive School Management System

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-41236

Exploit
  • EPSS 0.09%
  • Veröffentlicht 28.08.2024 18:15:09
  • Zuletzt bearbeitet 30.08.2024 16:02:49

A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page

5.3

CVE-2024-41238

Exploit
  • EPSS 0.14%
  • Veröffentlicht 08.08.2024 16:15:09
  • Zuletzt bearbeitet 12.08.2024 15:06:26

A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.

4.8

CVE-2024-41239

Exploit
  • EPSS 0.17%
  • Veröffentlicht 07.08.2024 19:15:48
  • Zuletzt bearbeitet 08.08.2024 19:04:43

A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field.

9.8

CVE-2024-41237

Exploit
  • EPSS 0.16%
  • Veröffentlicht 07.08.2024 19:15:48
  • Zuletzt bearbeitet 08.08.2024 20:53:45

A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.

6.1

CVE-2024-41242

Exploit
  • EPSS 0.22%
  • Veröffentlicht 07.08.2024 18:15:37
  • Zuletzt bearbeitet 08.08.2024 15:21:56

A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.

6.1

CVE-2024-41241

Exploit
  • EPSS 0.17%
  • Veröffentlicht 07.08.2024 18:15:37
  • Zuletzt bearbeitet 03.09.2024 19:35:14

A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.

6.1

CVE-2024-41240

Exploit
  • EPSS 0.17%
  • Veröffentlicht 07.08.2024 18:15:37
  • Zuletzt bearbeitet 13.08.2024 15:35:13

A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.

5.3

CVE-2024-41245

Exploit
  • EPSS 0.31%
  • Veröffentlicht 07.08.2024 17:15:51
  • Zuletzt bearbeitet 08.08.2024 15:20:58

An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details.

5.3

CVE-2024-41250

Exploit
  • EPSS 0.23%
  • Veröffentlicht 07.08.2024 17:15:51
  • Zuletzt bearbeitet 14.03.2025 16:15:34

An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details.

5.3

CVE-2024-41244

Exploit
  • EPSS 0.24%
  • Veröffentlicht 07.08.2024 17:15:51
  • Zuletzt bearbeitet 08.08.2024 15:20:24

An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details.