本页列出影响 campcodes complete_web-based_school_management_system 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2024-33402 | A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 8.1 | 0.17% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33808 | A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.29% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33807 | A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter. | [email protected] | 5.4 | 0.16% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33806 | A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.26% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33805 | A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.26% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33804 | A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 6.3 | 0.16% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33803 | A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 5.4 | 0.20% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33802 | A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | [email protected] | 6.5 | 0.16% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33801 | A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.26% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33800 | A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | [email protected] | 9.8 | 0.26% | 2024-05-28 | 2025-03-25 |
| CVE-2024-33799 | A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.26% | 2024-05-28 | 2025-03-25 |
| CVE-2024-34936 | A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter. | [email protected] | 8.6 | 0.08% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34935 | A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | [email protected] | 9.8 | 0.12% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34934 | A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | [email protected] | 9.8 | 0.12% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34933 | A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter. | [email protected] | 6.3 | 0.08% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34932 | A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter. | [email protected] | 9.8 | 0.12% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34931 | A SQL injection vulnerability in /model/update_subject.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter. | [email protected] | 9.8 | 0.12% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34930 | A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter. | [email protected] | 5.3 | 0.05% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34929 | A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter. | [email protected] | 9.8 | 0.12% | 2024-05-23 | 2025-03-25 |
| CVE-2024-34928 | A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter. | [email protected] | 7.3 | 0.08% | 2024-05-23 | 2025-03-25 |