本頁列出影響 campcodes complete_web-based_school_management_system 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2024-33402 | A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 8.1 | 0.44% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33808 | A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.51% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33807 | A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter. | [email protected] | 5.4 | 0.29% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33806 | A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.51% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33805 | A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.51% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33804 | A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 6.3 | 0.30% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33803 | A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 5.4 | 0.29% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33802 | A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | [email protected] | 6.5 | 0.43% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33801 | A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.51% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33800 | A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | [email protected] | 9.8 | 0.51% | 2024-05-28 | 2026-06-17 |
| CVE-2024-33799 | A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | [email protected] | 9.8 | 0.51% | 2024-05-28 | 2026-06-17 |
| CVE-2024-34936 | A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter. | [email protected] | 8.6 | 0.38% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34935 | A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | [email protected] | 9.8 | 0.51% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34934 | A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | [email protected] | 9.8 | 0.51% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34933 | A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter. | [email protected] | 6.3 | 0.30% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34932 | A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter. | [email protected] | 9.8 | 0.51% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34931 | A SQL injection vulnerability in /model/update_subject.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter. | [email protected] | 9.8 | 0.51% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34930 | A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter. | [email protected] | 5.3 | 0.22% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34929 | A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter. | [email protected] | 9.8 | 0.51% | 2024-05-23 | 2026-06-17 |
| CVE-2024-34928 | A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter. | [email protected] | 7.3 | 0.32% | 2024-05-23 | 2026-06-17 |