School Management System Project CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-51967	1 School Management System Project	1 School Management System	2025-08-29	6.1 Medium
A Reflected Cross-site Scripting (XSS) vulnerability exists in the themeSet.php file of ProjectsAndPrograms School Management System 1.0. The application fails to sanitize user-supplied input in the theme POST parameter, allowing an attacker to inject and execute arbitrary JavaScript in a victim's browser.
CVE-2024-42571	2 Arajajyothibabu, School Management System Project	2 School Management System, School Management System	2025-06-05	9.8 Critical
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at insertattendance.php.
CVE-2024-33404	2 Campcodes, School Management System Project	2 Complete Web-based School Management System, School Management System	2025-03-25	8.3 High
A SQL injection vulnerability in /model/add_student_first_payment.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter.
CVE-2024-42573	2 Arajajyothibabu, School Management System Project	2 School Management System, School Management System	2025-03-20	9.8 Critical
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.
CVE-2024-42566	2 Arajajyothibabu, School Management System Project	2 School Management System, School Management System	2024-08-21	8.8 High
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php
CVE-2024-42567	2 Arajajyothibabu, School Management System Project	2 School Management System, School Management System	2024-08-21	9.8 Critical
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2.

Page 1 of 1.