Skip to main content

Schoolmate

3 CVEs product

Monthly

CVE-2023-40946 CRITICAL POC Act Now

Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Schoolmate
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-40944 CRITICAL POC Act Now

Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at ~\header.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Schoolmate
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-39850 CRITICAL POC Act Now

Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Schoolmate
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Schoolmate
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at ~\header.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Schoolmate
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Schoolmate
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy