Arox School Management Software Php/mysql — known CVE vulnerabilities
Every CVE whose affected-product data names Arox School Management Software Php/mysql, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-8504 — CVSS 6.5 (medium): School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user.
CVE-2020-8505 — CVSS 6.5 (medium): School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user.