VYPR

Responsive School Management System

by Kashipara

CVEs (19)

  • CVE-2024-41237CriAug 7, 2024
    risk 0.64cvss 9.8epss 0.01

    A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.

  • CVE-2024-41236HigAug 28, 2024
    risk 0.47cvss 7.2epss 0.00

    A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page

  • CVE-2024-41252MedAug 7, 2024
    risk 0.42cvss 6.5epss 0.00

    An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve…

  • CVE-2024-41251MedAug 7, 2024
    risk 0.42cvss 6.5epss 0.00

    An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve…

  • CVE-2024-46336MedNov 17, 2025
    risk 0.40cvss 6.1epss 0.00

    kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /client_user/feedback.php.

  • CVE-2024-46334MedNov 17, 2025
    risk 0.40cvss 6.1epss 0.00

    kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser and formpassword parameters in /adminLogin.php.

  • CVE-2024-41242MedAug 7, 2024
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.

  • CVE-2024-41241MedAug 7, 2024
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.

  • CVE-2024-41240MedAug 7, 2024
    risk 0.40cvss 6.1epss 0.00

    A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.

  • CVE-2024-41249MedAug 7, 2024
    risk 0.35cvss 5.3epss 0.01

    An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details.

  • CVE-2024-41238MedAug 8, 2024
    risk 0.34cvss 5.3epss 0.00

    A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.

  • CVE-2024-41250MedAug 7, 2024
    risk 0.34cvss 5.3epss 0.00

    An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details.

  • CVE-2024-41245MedAug 7, 2024
    risk 0.34cvss 5.3epss 0.01

    An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details.

  • CVE-2024-41244MedAug 7, 2024
    risk 0.34cvss 5.3epss 0.00

    An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details.

  • CVE-2024-41243MedAug 7, 2024
    risk 0.34cvss 5.3epss 0.01

    An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details.

  • CVE-2024-41248MedAug 7, 2024
    risk 0.34cvss 5.3epss 0.01

    An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry.

  • CVE-2024-41247MedAug 7, 2024
    risk 0.34cvss 5.3epss 0.00

    An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry.

  • CVE-2024-41246MedAug 7, 2024
    risk 0.34cvss 5.3epss 0.01

    An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard.

  • CVE-2024-41239MedAug 7, 2024
    risk 0.31cvss 4.8epss 0.00

    A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field.