Computer Laboratory Management System
by Computer Laboratory Management System
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-31546 | Cri | 0.64 | 9.8 | 0.01 | Apr 19, 2024 | Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php. | ||
| CVE-2024-31545 | Cri | 0.61 | 9.4 | 0.01 | Apr 22, 2024 | Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6. | ||
| CVE-2024-31547 | Cri | 0.59 | 9.1 | 0.01 | Apr 19, 2024 | Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php. | ||
| CVE-2024-34224 | Hig | 0.48 | 7.3 | 0.01 | May 14, 2024 | Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters. | ||
| CVE-2024-34225 | Med | 0.40 | 6.1 | 0.01 | May 14, 2024 | Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters. | ||
| CVE-2024-31544 | Med | 0.35 | 5.4 | 0.00 | Apr 9, 2024 | A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrower_name”, “faculty_department” parameters in… |
- risk 0.64cvss 9.8epss 0.01
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php.
- risk 0.61cvss 9.4epss 0.01
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6.
- risk 0.59cvss 9.1epss 0.01
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php.
- risk 0.48cvss 7.3epss 0.01
Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters.
- risk 0.40cvss 6.1epss 0.01
Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters.
- risk 0.35cvss 5.4epss 0.00
A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrower_name”, “faculty_department” parameters in…