Free Online School management Software
by Eskooly
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-27710 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism. | |||
| CVE-2024-27712 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the User Account Mangemnt component in the authentication mechanism. | |||
| CVE-2024-27713 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component. | |||
| CVE-2024-27715 | 0.00 | — | 0.00 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism. | |||
| CVE-2024-27711 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the Sin-up process function in the account settings. | |||
| CVE-2024-27717 | 0.00 | — | 0.00 | Jul 5, 2024 | Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component. | |||
| CVE-2021-46013 | 0.00 | — | 0.02 | Jan 18, 2022 | An unrestricted file upload vulnerability exists in Sourcecodester Free school management software 1.0. An attacker can leverage this vulnerability to enable remote code execution on the affected web server. Once a php webshell containing "<?php system($_GET["cmd"]); ?>" gets… |
- CVE-2024-27710Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism.
- CVE-2024-27712Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the User Account Mangemnt component in the authentication mechanism.
- CVE-2024-27713Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component.
- CVE-2024-27715Jul 5, 2024risk 0.00cvss —epss 0.00
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism.
- CVE-2024-27711Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the Sin-up process function in the account settings.
- CVE-2024-27717Jul 5, 2024risk 0.00cvss —epss 0.00
Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component.
- CVE-2021-46013Jan 18, 2022risk 0.00cvss —epss 0.02
An unrestricted file upload vulnerability exists in Sourcecodester Free school management software 1.0. An attacker can leverage this vulnerability to enable remote code execution on the affected web server. Once a php webshell containing "<?php system($_GET["cmd"]); ?>" gets…