Daycloud CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-50586	1 Daycloud	1 Studentmanage	2025-09-09	6.5 Medium
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
CVE-2025-50585	1 Daycloud	1 Studentmanage	2025-09-09	8.8 High
StudentManage v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/adminStudentUrl.
CVE-2025-50584	1 Daycloud	1 Studentmanage	2025-09-09	4.8 Medium
StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Teacher module.
CVE-2025-50582	1 Daycloud	1 Studentmanage	2025-09-09	4.8 Medium
StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Course module.
CVE-2025-50583	1 Daycloud	1 Studentmanage	2025-09-09	4.8 Medium
StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Student module.

Page 1 of 1.