Complete Web-Based School Management System

CVEs (44)

CVE	Vendor / Product	CVSS	Published	Description
CVE-2024-33402	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33808	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33807	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.
CVE-2024-33806	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33805	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33804	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33803	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33802	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter.
CVE-2024-33801	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33800	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter.
CVE-2024-33799	Campcodes Complete Web-Based School Management System	—	May 28, 2024	A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-34936	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter.
CVE-2024-34935	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.
CVE-2024-34934	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.
CVE-2024-34933	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter.
CVE-2024-34932	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34931	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /model/update_subject.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34930	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter.
CVE-2024-34929	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter.
CVE-2024-34928	Campcodes Complete Web-Based School Management System	—	May 23, 2024	A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.

CVE-2024-33402May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33808May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33807May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.
CVE-2024-33806May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33805May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33804May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33803May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33802May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter.
CVE-2024-33801May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33800May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter.
CVE-2024-33799May 28, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-34936May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter.
CVE-2024-34935May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.
CVE-2024-34934May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.
CVE-2024-34933May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter.
CVE-2024-34932May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34931May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/update_subject.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34930May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter.
CVE-2024-34929May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter.
CVE-2024-34928May 23, 2024
Campcodes
Complete Web-Based School Management System
risk 0.00cvss —epss 0.00
A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.

Page 1 of 3