School Management System Security Vulnerabilities

CVE-2024-42566

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php

CVE-2024-42567

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2.

CVE-2024-42568

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.

CVE-2024-42570

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at admininsert.php.

CVE-2024-42572

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php.

CVE-2024-42573

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.

CVE-2024-42574

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php.

CVE-2024-42575

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at substaff.php.