CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4908 – Campcodes Complete Web-Based School Management System student_attendance_history1.php sql injection
https://notcve.org/view.php?id=CVE-2024-4908
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/student_attendance_history1.php. The manipulation of the argument index leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%204.pdf https://vuldb.com/?ctiid.264443 https://vuldb.com/?id.264443 https://vuldb.com/?submit.333294 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4907 – Campcodes Complete Web-Based School Management System show_student2.php sql injection
https://notcve.org/view.php?id=CVE-2024-4907
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/show_student2.php. The manipulation of the argument grade leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%203.pdf https://vuldb.com/?ctiid.264442 https://vuldb.com/?id.264442 https://vuldb.com/?submit.333293 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4906 – Campcodes Complete Web-Based School Management System show_student1.php sql injection
https://notcve.org/view.php?id=CVE-2024-4906
A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/show_student1.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%202.pdf https://vuldb.com/?ctiid.264441 https://vuldb.com/?id.264441 https://vuldb.com/?submit.333292 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4819 – Campcodes Online Laundry Management System admin_class.php improper authorization
https://notcve.org/view.php?id=CVE-2024-4819
A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file admin_class.php. The manipulation of the argument type with the input 1 leads to improper authorization. It is possible to launch the attack remotely. • https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/IDOR.md https://vuldb.com/?ctiid.263940 https://vuldb.com/?id.263940 https://vuldb.com/?submit.333058 • CWE-285: Improper Authorization •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4818 – Campcodes Online Laundry Management System index.php file inclusion
https://notcve.org/view.php?id=CVE-2024-4818
A vulnerability was found in Campcodes Online Laundry Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/LFI.md https://vuldb.com/?ctiid.263939 https://vuldb.com/?id.263939 https://vuldb.com/?submit.333057 • CWE-73: External Control of File Name or Path •