Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Online_institute_management_system
(Codezips)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-11-08 | CVE-2024-10993 | A vulnerability, which was classified as critical, was found in Codezips Online Institute Management System 1.0. Affected is an unknown function of the file /manage_website.php. The manipulation of the argument website_image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Online_institute_management_system | 8.8 | ||
| 2024-11-08 | CVE-2024-10994 | A vulnerability has been found in Codezips Online Institute Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit_user.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | Online_institute_management_system | 8.8 | ||
| 2024-11-04 | CVE-2024-10764 | A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects an unknown part of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | Online_institute_management_system | 9.8 | ||
| 2024-11-04 | CVE-2024-10765 | A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument old_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Online_institute_management_system | 9.8 | ||
| 2024-10-30 | CVE-2024-10509 | A vulnerability, which was classified as critical, has been found in Codezips Online Institute Management System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Online_institute_management_system | 9.8 |