Skip to main content

Schoolbox

6 CVEs product

Monthly

CVE-2024-28097 MEDIUM This Month

Calendar functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schoolbox
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-28096 MEDIUM This Month

Class functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schoolbox
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-28095 MEDIUM This Month

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schoolbox
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28094 HIGH This Week

Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Schoolbox
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-3059 HIGH This Week

The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Schoolbox
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-39020 MEDIUM This Month

Multiple instances of XSS (stored and reflected) was found in the application. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS File Upload Schoolbox
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 0% CVSS 5.4
MEDIUM This Month

Calendar functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schoolbox
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Class functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schoolbox
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Schoolbox
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Schoolbox
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Schoolbox
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Multiple instances of XSS (stored and reflected) was found in the application. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS File Upload Schoolbox
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy