Arox: >> School Erp Pro >> 1.0 Security Vulnerabilities
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php.
CVSS Score
8.8
EPSS Score
0.055
Published
2022-07-15
Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php.
CVSS Score
6.1
EPSS Score
0.036
Published
2022-07-15