VYPR

Automated Enrollment System

by CASAP

CVEs (3)

  • CVE-2024-33485CriMay 14, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component

  • CVE-2021-3294MedFeb 9, 2021
    risk 0.38cvss 5.4epss 0.03

    CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website.

  • CVE-2021-27129MedApr 15, 2021
    risk 0.35cvss 5.4epss 0.01

    CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students > Edit > ROUTE parameter.