CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4909 – Campcodes Complete Web-Based School Management System student_due_payment.php sql injection
https://notcve.org/view.php?id=CVE-2024-4909
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /view/student_due_payment.php. The manipulation of the argument due_year leads to sql injection. It is possible to launch the attack remotely. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%205.pdf https://vuldb.com/?ctiid.264444 https://vuldb.com/?id.264444 https://vuldb.com/?submit.333295 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4908 – Campcodes Complete Web-Based School Management System student_attendance_history1.php sql injection
https://notcve.org/view.php?id=CVE-2024-4908
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/student_attendance_history1.php. The manipulation of the argument index leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%204.pdf https://vuldb.com/?ctiid.264443 https://vuldb.com/?id.264443 https://vuldb.com/?submit.333294 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4907 – Campcodes Complete Web-Based School Management System show_student2.php sql injection
https://notcve.org/view.php?id=CVE-2024-4907
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/show_student2.php. The manipulation of the argument grade leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%203.pdf https://vuldb.com/?ctiid.264442 https://vuldb.com/?id.264442 https://vuldb.com/?submit.333293 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4906 – Campcodes Complete Web-Based School Management System show_student1.php sql injection
https://notcve.org/view.php?id=CVE-2024-4906
A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/show_student1.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%202.pdf https://vuldb.com/?ctiid.264441 https://vuldb.com/?id.264441 https://vuldb.com/?submit.333292 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4722 – Campcodes Complete Web-Based School Management System index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-4722
A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument category leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20xss/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2045.pdf https://vuldb.com/?ctiid.263800 https://vuldb.com/?id.263800 https://vuldb.com/?submit.331888 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •