Filtered by vendor Kashipara
Subscriptions
Total
132 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-50833 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters. | ||||
CVE-2024-50832 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. | ||||
CVE-2024-50831 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. | ||||
CVE-2024-50830 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the date_start, date_end, and title parameters. | ||||
CVE-2024-50829 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter. | ||||
CVE-2024-50828 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d parameter. | ||||
CVE-2024-50827 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the subject_code parameter. | ||||
CVE-2024-50838 | 1 Kashipara | 1 E Learning Management System Project | 2024-11-15 | 5.4 Medium |
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters. | ||||
CVE-2024-50841 | 1 Kashipara | 1 E Learning Management System Project | 2024-11-15 | 5.4 Medium |
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the date_start, date_end, and title parameters. | ||||
CVE-2024-50839 | 1 Kashipara | 1 E Learning Management System Project | 2024-11-15 | 5.4 Medium |
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subject_code and title parameters. | ||||
CVE-2024-50840 | 1 Kashipara | 1 E Learning Management System Project | 2024-11-15 | 5.4 Medium |
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the class_name parameter. | ||||
CVE-2024-50837 | 1 Kashipara | 1 E Learning Management System Project | 2024-11-15 | 5.4 Medium |
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters. | ||||
CVE-2024-50842 | 1 Kashipara | 1 E Learning Management System Project | 2024-11-15 | 5.4 Medium |
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the school_year parameter. | ||||
CVE-2024-42773 | 1 Kashipara | 1 Hotel Management System | 2024-11-06 | 9.1 Critical |
An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room entries in the administrator section. | ||||
CVE-2024-41251 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-10-24 | 6.5 Medium |
An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration. | ||||
CVE-2024-41250 | 2 Kashipara, Lopalopa | 2 Responsive School Management System, Responsive School Management System | 2024-10-24 | 5.3 Medium |
An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details. | ||||
CVE-2024-42797 | 1 Kashipara | 1 Music Management System | 2024-09-26 | 9.8 Critical |
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music playlist entries. | ||||
CVE-2024-42796 | 1 Kashipara | 1 Music Management System | 2024-09-20 | 5.9 Medium |
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music genre entries. | ||||
CVE-2024-42794 | 1 Kashipara | 1 Music Management System | 2024-09-20 | 4.7 Medium |
Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax.php?action=save_user. | ||||
CVE-2024-42798 | 1 Kashipara | 1 Music Management System | 2024-09-20 | 7.6 High |
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music/index.php?page=edit_user in Kashipara Music Management System v1.0. This allows a low privileged attacker to take over the administrator account. |