Vulnerabilities > Arox > School Management Software PHP Mysql > 2019.03.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-31 | CVE-2020-8505 | Cross-Site Request Forgery (CSRF) vulnerability in Arox School Management Software PHP/Mysql 20190314 School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user. | 4.3 |
| 2020-01-31 | CVE-2020-8504 | Cross-Site Request Forgery (CSRF) vulnerability in Arox School Management Software PHP/Mysql 20190314 School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user. | 4.3 |