Filtered by vendor Eskooly Subscriptions
Filtered by product Web Product Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-27717 1 Eskooly 1 Web Product 2024-11-21 6.5 Medium
Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component.
CVE-2024-27716 1 Eskooly 1 Web Product 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote attacker to execute arbitrary code via the message sending and user input fields.
CVE-2024-27715 1 Eskooly 1 Web Product 2024-11-21 8.2 High
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism.
CVE-2024-27713 1 Eskooly 1 Web Product 2024-11-21 8.8 High
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component.
CVE-2024-27709 1 Eskooly 1 Web Product 2024-11-21 9.8 Critical
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component.