Security Vulnerabilities - CVEs Published In August 2024
An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry.
CVSS Score: 5.3 | EPSS Score: 0.004 | Published: 2024-08-07
An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry.
CVSS Score: 5.3 | EPSS Score: 0.002 | Published: 2024-08-07
An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details.
CVSS Score: 5.3 | EPSS Score: 0.002 | Published: 2024-08-07
An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2024-08-07
An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve student registration.
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2024-08-07
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2024-08-07
SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2024-08-07
SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2024-08-07
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2024-08-07
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2024-08-07

