Management Software
by Printerlogic
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4835 | Cri | 0.64 | 9.8 | 0.01 | Sep 15, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CF Software Oil Management Software allows SQL Injection. This issue affects Oil Management Software: before 20230912 . | ||
| CVE-2017-20196 | Med | 0.41 | 6.3 | 0.00 | Jan 26, 2025 | A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely.… | ||
| CVE-2021-42949 | 0.03 | — | 0.06 | Sep 16, 2022 | The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks. | |||
| CVE-2025-1159 | 0.00 | — | 0.00 | Feb 10, 2025 | A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academic-calendar. The manipulation leads to cross site scripting. The attack can be launched… | |||
| CVE-2025-0849 | 0.00 | — | 0.00 | Jan 30, 2025 | A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack… | |||
| CVE-2025-0710 | 0.00 | — | 0.00 | Jan 24, 2025 | A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /notice-list of the component Notice Board Page. The manipulation of the argument Notice leads to cross site scripting. It is… | |||
| CVE-2025-0625 | 0.00 | — | 0.00 | Jan 22, 2025 | A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the… | |||
| CVE-2025-0581 | 0.00 | — | 0.00 | Jan 20, 2025 | A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible… | |||
| CVE-2025-0560 | 0.00 | — | 0.00 | Jan 18, 2025 | A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site… | |||
| CVE-2025-0559 | 0.00 | — | 0.00 | Jan 18, 2025 | A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to… | |||
| CVE-2020-6872 | 0.00 | — | 0.01 | Jul 20, 2020 | The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts some attack codes through the foreground login page, which will cause the user to execute the predefined malicious script in the browser. This affects… | |||
| CVE-2019-9505 | 0.00 | — | 0.03 | May 8, 2019 | The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM… | |||
| CVE-2018-5409 | 0.00 | — | 0.01 | May 8, 2019 | The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing,… | |||
| CVE-2018-5408 | 0.00 | — | 0.01 | May 8, 2019 | The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity… |
- risk 0.64cvss 9.8epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CF Software Oil Management Software allows SQL Injection. This issue affects Oil Management Software: before 20230912 .
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely.…
- CVE-2021-42949Sep 16, 2022risk 0.03cvss —epss 0.06
The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks.
- CVE-2025-1159Feb 10, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academic-calendar. The manipulation leads to cross site scripting. The attack can be launched…
- CVE-2025-0849Jan 30, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack…
- CVE-2025-0710Jan 24, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /notice-list of the component Notice Board Page. The manipulation of the argument Notice leads to cross site scripting. It is…
- CVE-2025-0625Jan 22, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the…
- CVE-2025-0581Jan 20, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible…
- CVE-2025-0560Jan 18, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site…
- CVE-2025-0559Jan 18, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to…
- CVE-2020-6872Jul 20, 2020risk 0.00cvss —epss 0.01
The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts some attack codes through the foreground login page, which will cause the user to execute the predefined malicious script in the browser. This affects…
- CVE-2019-9505May 8, 2019risk 0.00cvss —epss 0.03
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM…
- CVE-2018-5409May 8, 2019risk 0.00cvss —epss 0.01
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing,…
- CVE-2018-5408May 8, 2019risk 0.00cvss —epss 0.01
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity…