Vulnerabilities > Arox > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-04 | CVE-2019-13294 | Unrestricted Upload of File with Dangerous Type vulnerability in Arox School-Erp AROX School-ERP Pro has a command execution vulnerability. | 9.8 |
| 2017-10-31 | CVE-2017-15978 | SQL Injection vulnerability in Arox School ERP PHP Script 1.0 AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter. | 9.8 |