VYPR

School Manage System

by Alle Information Co., Ltd.

CVEs (3)

  • CVE-2020-10507CriApr 15, 2020
    risk 0.64cvss 9.8epss 0.01

    The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine.

  • CVE-2020-10505CriApr 15, 2020
    risk 0.64cvss 9.8epss 0.01

    The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password.

  • CVE-2020-10506HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.01

    The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files.