Aggregates CVE and security vulnerability intelligence across all schoolmate_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection, with potential vendor impact data exposure across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-40946 | Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php. | [email protected] | 9.8 | 0.63% | 2023-09-11 | 2024-11-21 |
| CVE-2023-40944 | Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at ~\header.php. | [email protected] | 9.8 | 0.63% | 2023-09-11 | 2024-11-21 |
| CVE-2023-39850 | Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php. | [email protected] | 9.8 | 0.71% | 2023-08-15 | 2024-11-21 |