Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Responsive_school_management_system
(Lopalopa)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-08-07 | CVE-2024-41249 | An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41252 | An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve student registration. | Responsive_school_management_system | 6.5 | ||
| 2024-08-07 | CVE-2024-41243 | An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41244 | An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41245 | An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details. | Responsive_school_management_system | 5.3 | ||
| 2024-08-07 | CVE-2024-41242 | A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. | Responsive_school_management_system | 6.1 | ||
| 2024-08-07 | CVE-2024-41239 | A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field. | Responsive_school_management_system | 4.8 |