Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Responsive_school_management_system
(Lopalopa)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-08-07 | CVE-2024-41251 | An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration. | Responsive_school_management_system | 6.5 | ||
| 2024-08-07 | CVE-2024-41250 | An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41241 | A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. | Responsive_school_management_system | 6.1 | ||
| 2024-08-28 | CVE-2024-41236 | A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page | Responsive_school_management_system | 7.2 | ||
| 2024-08-07 | CVE-2024-41240 | A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter. | Responsive_school_management_system | 6.1 | ||
| 2024-08-08 | CVE-2024-41238 | A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41237 | A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter. | Responsive_school_management_system | 9.8 | ||
| 2024-08-07 | CVE-2024-41246 | An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41247 | An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41248 | An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry. | Responsive_school_management_system | 5.3 |