Code-projects Simple School Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Code-projects Simple School Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2024-25304 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."
CVE-2024-25305 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php.
CVE-2024-25306 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php".
CVE-2024-25308 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php.
CVE-2024-25309 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php.
CVE-2024-25310 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."
CVE-2024-25312 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5."
CVE-2024-25313 — CVSS 8.8 (high): Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at…
CVE-2024-31610 — CVSS 6.3 (medium): File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows…