Code-Projects: >> Simple School Management System Security Vulnerabilities
File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-04-25
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-09
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php".
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-09
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-09
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-09
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5."
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-09
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.
CVSS Score
8.8
EPSS Score
0.0
Published
2024-02-09
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."
CVSS Score
8.8
EPSS Score
0.002
Published
2024-02-09
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-02-09