Vendor
Ingenious School Management System Project
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16561 | Cri | 0.64 | 9.8 | 0.00 | Nov 7, 2017 | /view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. | |
| CVE-2017-15957 | Hig | 0.60 | 8.8 | 0.03 | Oct 29, 2017 | my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file. |
- risk 0.64cvss 9.8epss 0.00
/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request.
- risk 0.60cvss 8.8epss 0.03
my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.