CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32379
https://notcve.org/view.php?id=CVE-2022-32379
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=. itsourcecode Advanced School Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /school/model/get_parents_profile.php?my_index= • https://github.com/k0xx11/bug_report/blob/main/vendors/itsourcecode.com/advanced-school-management-system/SQLi-10.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32380
https://notcve.org/view.php?id=CVE-2022-32380
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=. itsourcecode Advanced School Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /school/model/get_student_subject.php?index= • https://github.com/k0xx11/bug_report/blob/main/vendors/itsourcecode.com/advanced-school-management-system/SQLi-12.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32381
https://notcve.org/view.php?id=CVE-2022-32381
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=. itsourcecode Advanced School Management System versión v1.0, es vulnerable a una inyección SQL por medio del archivo /school/model/get_admin_profile.php?my_index= • https://github.com/k0xx11/bug_report/blob/main/vendors/itsourcecode.com/advanced-school-management-system/SQLi-11.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-32433
https://notcve.org/view.php?id=CVE-2022-32433
itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php. itsourcecode Advanced School Management System versión v1.0, es vulnerable a una ejecución de código arbitrario por medio del archivo ip/school/view/all_teacher.php • https://github.com/tamchikit/bug_report/blob/main/vendors/itsourcecode.com/advanced-school-management-system/RCE-1.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30513
https://notcve.org/view.php?id=CVE-2022-30513
School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125 School Dormitory Management System versión v1.0, es vulnerable a un ataque de tipo cross-site scripting (XSS) reflejado por medio de admin/inc/navigation.php:125 • https://github.com/bigzooooz/CVE-2022-30513 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •