Vulnerabilities > Lopalopa > High

DATE CVE VULNERABILITY TITLE RISK
2025-05-05 CVE-2025-45321 SQL Injection vulnerability in Lopalopa Online Service Management Portal 1.0
kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword.
network
low complexity
lopalopa CWE-89
8.8
8.8
2025-05-05 CVE-2025-45322 SQL Injection vulnerability in Lopalopa Online Service Management Portal 1.0
kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter.
network
low complexity
lopalopa CWE-89
8.8
8.8
2024-12-09 CVE-2024-54922 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the firstname, lastname, and username parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-12-09 CVE-2024-54930 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-12-09 CVE-2024-54933 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-12-09 CVE-2024-54926 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the school_year parameter.
network
low complexity
lopalopa CWE-89
8.8
8.8
2024-12-09 CVE-2024-54929 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_subject.php.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50824 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50825 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50826 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2