Eskooly
Products
3- 7 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-27709 | Cri | 0.64 | 9.8 | 0.01 | Jul 5, 2024 | SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component. | ||
| CVE-2024-27716 | Med | 0.35 | 5.4 | 0.00 | Jul 5, 2024 | Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote attacker to execute arbitrary code via the message sending and user input fields. | ||
| CVE-2024-27712 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the User Account Mangemnt component in the authentication mechanism. | |||
| CVE-2024-27713 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component. | |||
| CVE-2024-27710 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism. | |||
| CVE-2024-27711 | 0.00 | — | 0.01 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the Sin-up process function in the account settings. | |||
| CVE-2024-27717 | 0.00 | — | 0.00 | Jul 5, 2024 | Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component. | |||
| CVE-2024-27715 | 0.00 | — | 0.00 | Jul 5, 2024 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism. | |||
| CVE-2021-46013 | 0.00 | — | 0.02 | Jan 18, 2022 | An unrestricted file upload vulnerability exists in Sourcecodester Free school management software 1.0. An attacker can leverage this vulnerability to enable remote code execution on the affected web server. Once a php webshell containing "<?php system($_GET["cmd"]); ?>" gets… |
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component.
- risk 0.35cvss 5.4epss 0.00
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote attacker to execute arbitrary code via the message sending and user input fields.
- CVE-2024-27712Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the User Account Mangemnt component in the authentication mechanism.
- CVE-2024-27713Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component.
- CVE-2024-27710Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism.
- CVE-2024-27711Jul 5, 2024risk 0.00cvss —epss 0.01
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the Sin-up process function in the account settings.
- CVE-2024-27717Jul 5, 2024risk 0.00cvss —epss 0.00
Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component.
- CVE-2024-27715Jul 5, 2024risk 0.00cvss —epss 0.00
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism.
- CVE-2021-46013Jan 18, 2022risk 0.00cvss —epss 0.02
An unrestricted file upload vulnerability exists in Sourcecodester Free school management software 1.0. An attacker can leverage this vulnerability to enable remote code execution on the affected web server. Once a php webshell containing "<?php system($_GET["cmd"]); ?>" gets…