Skip to main content

School Erp Pro Responsive

3 CVEs product

Monthly

CVE-2024-4824 CRITICAL Act Now

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/office_admin/' index in the parameters groups_id, examname, classes_id, es_voucherid, es_class, etc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi School Erp Pro Responsive
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-4823 MEDIUM This Month

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/office_admin/' in the parameters es_bankacc, es_bank_name, es_bank_pin, es_checkno, es_teller_number, dc1 and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS School Erp Pro Responsive
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-4822 MEDIUM This Month

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS School Erp Pro Responsive
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/office_admin/' index in the parameters groups_id, examname, classes_id, es_voucherid, es_class, etc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi School Erp Pro Responsive
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the index '/schoolerp/office_admin/' in the parameters es_bankacc, es_bank_name, es_bank_pin, es_checkno, es_teller_number, dc1 and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS School Erp Pro Responsive
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in School ERP Pro+Responsive 1.0 that allows XSS via the username and password parameters in '/index.php'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS School Erp Pro Responsive
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy