Vulnerabilities > Ingenious School Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-07 | CVE-2017-16561 | SQL Injection vulnerability in Ingenious School Management System Project Ingenious School Management System 2.3.0 /view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index' parameter of a GET request. | 7.5 |
| 2017-10-29 | CVE-2017-15957 | Unrestricted Upload of File with Dangerous Type vulnerability in Ingenious School Management System Project Ingenious School Management System 2.3.0 my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file. | 6.5 |