Aggregates CVE and security vulnerability intelligence across all eskooly-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-27717 | Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component. | [email protected] | 6.5 | 0.09% | 2024-07-05 | 2025-04-28 |
| CVE-2024-27715 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism. | [email protected] | 8.2 | 0.16% | 2024-07-05 | 2025-04-16 |
| CVE-2024-27713 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component. | [email protected] | 8.8 | 0.80% | 2024-07-05 | 2025-04-16 |
| CVE-2024-27712 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the User Account Mangemnt component in the authentication mechanism. | [email protected] | 9.8 | 0.83% | 2024-07-05 | 2025-03-13 |
| CVE-2024-27711 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the Sin-up process function in the account settings. | [email protected] | 8.8 | 0.66% | 2024-07-05 | 2024-11-21 |
| CVE-2024-27710 | An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism. | [email protected] | 9.8 | 0.83% | 2024-07-05 | 2025-04-16 |