Vendor
Ingenious School Management System Project
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24571 | Cri | 0.64 | 9.8 | 0.02 | Feb 28, 2022 | Car Driving School Management System v1.0 is affected by SQL injection in the login page. An attacker can use simple SQL login injection payload to get admin access. | ||
| CVE-2017-16561 | Cri | 0.64 | 9.8 | 0.01 | Nov 7, 2017 | /view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. | ||
| CVE-2017-15957 | Hig | 0.61 | 8.8 | 0.04 | Oct 29, 2017 | my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file. | ||
| CVE-2022-24572 | Med | 0.40 | 6.1 | 0.01 | Feb 28, 2022 | Car Driving School Management System v1.0 is affected by Cross Site Scripting (XSS) in the User Enrollment Form (Username Field). To exploit this Vulnerability, an admin views the registered user details. |
- risk 0.64cvss 9.8epss 0.02
Car Driving School Management System v1.0 is affected by SQL injection in the login page. An attacker can use simple SQL login injection payload to get admin access.
- risk 0.64cvss 9.8epss 0.01
/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request.
- risk 0.61cvss 8.8epss 0.04
my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.
- risk 0.40cvss 6.1epss 0.01
Car Driving School Management System v1.0 is affected by Cross Site Scripting (XSS) in the User Enrollment Form (Username Field). To exploit this Vulnerability, an admin views the registered user details.