Vulnerabilities > Lopalopa

DATE CVE VULNERABILITY TITLE RISK
2024-08-07 CVE-2024-41239 Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0
A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field.
network
low complexity
lopalopa CWE-79
4.8
2024-08-07 CVE-2024-41240 Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0
A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.
network
low complexity
lopalopa CWE-79
6.1
2024-08-07 CVE-2024-41241 Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0
A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.
network
low complexity
lopalopa CWE-79
6.1
2024-08-07 CVE-2024-41242 Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0
A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.
network
low complexity
lopalopa CWE-79
6.1
2024-08-07 CVE-2024-41243 Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0
An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details.
network
low complexity
lopalopa
5.3
2024-08-07 CVE-2024-41244 Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0
An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details.
network
low complexity
lopalopa
5.3
2024-08-07 CVE-2024-41245 Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0
An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details.
network
low complexity
lopalopa
5.3
2024-08-07 CVE-2024-41250 Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0
An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details.
network
low complexity
lopalopa
5.3
2024-08-07 CVE-2024-41246 Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0
An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard.
network
low complexity
lopalopa
5.3
2024-08-07 CVE-2024-41247 Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0
An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry.
network
low complexity
lopalopa
5.3