Advanced School Management System Project Advanced School Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Advanced School Management System Project Advanced School Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2022-34588 — CVSS 8.8 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/timetable_insert_…
CVE-2022-34586 — CVSS 8.8 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wis…
CVE-2022-32371 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher.php?id=.
CVE-2022-32372 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=.
CVE-2022-32373 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam.php?id=.
CVE-2022-32374 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject_routing.php?id=.
CVE-2022-32375 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_timetable.php?id=.
CVE-2022-32376 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_events.php?event_id=.
CVE-2022-32377 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam_timetable.php?id=.
CVE-2022-32378 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher_profile.php?my_index=.
CVE-2022-32379 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=.
CVE-2022-32380 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=.
CVE-2022-32381 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=.
CVE-2022-32433 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php.
CVE-2022-32368 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=.
CVE-2022-32370 — CVSS 7.2 (high): itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_classroom.php?id=.
CVE-2022-34580 — CVSS 4.8 (medium): Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the address parameter at…
CVE-2022-34594 — CVSS 4.8 (medium): Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component…