Skip to main content

Ingenious School Management System

2 CVEs product

Monthly

CVE-2017-16561 CRITICAL POC Act Now

/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ingenious School Management System
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-15957 HIGH POC This Week

my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Ingenious School Management System
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.3%
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ingenious School Management System
NVD Exploit-DB
EPSS 3% CVSS 8.8
HIGH POC This Week

my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Ingenious School Management System
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy