Shodan
Vulnerabilities
Vulnerable Software
Lopalopa:  >> Responsive School Management System  >> 3.2.0  Security Vulnerabilities
CVE-2024-41236
A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page
CVSS Score
7.2
EPSS Score
0.001
Published
2024-08-28
CVE-2024-41238
A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-08-08
CVE-2024-41237
A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-08-07
CVE-2024-41239
A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-08-07
CVE-2024-41240
A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-08-07
CVE-2024-41241
A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-07
CVE-2024-41242
A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-07
CVE-2024-41243
An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-08-07
CVE-2024-41244
An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-08-07
CVE-2024-41245
An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-08-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved