VYPR

School Fees Payment Management System

by Campcodes

CVEs (28)

  • CVE-2024-7166Jul 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been classified as critical. Affected is an unknown function of the file /receipt.php. The manipulation of the argument ef_id leads to sql injection. It is possible to launch the attack remotely.…

  • CVE-2024-7165Jul 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester School Fees Payment System 1.0 and classified as critical. This issue affects some unknown processing of the file /view_payment.php. The manipulation of the argument ef_id leads to sql injection. The attack may be initiated remotely.…

  • CVE-2024-7164Jul 28, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester School Fees Payment System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be initiated…

  • CVE-2023-49987Mar 7, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter.

  • CVE-2023-49985Mar 6, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter.

  • CVE-2023-49983Mar 6, 2024
    risk 0.00cvss epss 0.01

    A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.

  • CVE-2023-49982Mar 6, 2024
    risk 0.00cvss epss 0.01

    Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts.

  • CVE-2023-49981Mar 6, 2024
    risk 0.00cvss epss 0.01

    A directory listing vulnerability in School Fees Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization.

Page 2 of 2