CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32380
https://notcve.org/view.php?id=CVE-2022-32380
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=. itsourcecode Advanced School Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /school/model/get_student_subject.php?index= • https://github.com/k0xx11/bug_report/blob/main/vendors/itsourcecode.com/advanced-school-management-system/SQLi-12.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32381
https://notcve.org/view.php?id=CVE-2022-32381
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=. itsourcecode Advanced School Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /school/model/get_admin_profile.php?my_index= • https://github.com/k0xx11/bug_report/blob/main/vendors/itsourcecode.com/advanced-school-management-system/SQLi-11.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32433
https://notcve.org/view.php?id=CVE-2022-32433
itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php. itsourcecode Advanced School Management System versión v1.0, es vulnerable a una ejecución de código arbitrario por medio del archivo ip/school/view/all_teacher.php • https://github.com/tamchikit/bug_report/blob/main/vendors/itsourcecode.com/advanced-school-management-system/RCE-1.md • CWE-434: Unrestricted Upload of File with Dangerous Type •