Vulnerabilities > Lopalopa > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-09 | CVE-2024-54935 | Cross-site Scripting vulnerability in Lopalopa E-Learning Management System 1.0 A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message_teacher_to_student.php of kashipara E-learning Management System v1.0. | 5.4 |
| 2024-12-09 | CVE-2024-54919 | Cross-site Scripting vulnerability in Lopalopa E-Learning Management System 1.0 A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. | 5.4 |
| 2024-12-09 | CVE-2024-54936 | Cross-site Scripting vulnerability in Lopalopa E-Learning Management System 1.0 A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message.php of Kashipara E-learning Management System v1.0. | 5.4 |
| 2024-12-09 | CVE-2024-54937 | Unspecified vulnerability in Lopalopa E-Learning Management System 1.0 A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets. | 5.3 |
| 2024-11-14 | CVE-2024-50836 | Cross-site Scripting vulnerability in Lopalopa E-Learning Management System 1.0 A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. | 4.8 |
| 2024-08-26 | CVE-2024-42790 | Cross-site Scripting vulnerability in Lopalopa Music Management System 1.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in "/music/index.php?page=test" in Kashipara Music Management System v1.0. | 5.4 |
| 2024-08-08 | CVE-2024-41238 | SQL Injection vulnerability in Lopalopa Responsive School Management System 3.2.0 A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter. | 5.3 |
| 2024-08-07 | CVE-2024-41239 | Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0 A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field. | 4.8 |
| 2024-08-07 | CVE-2024-41240 | Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter. | 6.1 |
| 2024-08-07 | CVE-2024-41241 | Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. | 6.1 |