Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-07 | CVE-2024-41240 | Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter. | 6.1 |
| 2024-08-07 | CVE-2024-41241 | Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. | 6.1 |
| 2024-08-07 | CVE-2024-41242 | Cross-site Scripting vulnerability in Lopalopa Responsive School Management System 3.2.0 A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. | 6.1 |
| 2024-08-07 | CVE-2024-20443 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. | 5.4 |
| 2024-08-07 | CVE-2024-20479 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. | 4.8 |
| 2024-08-07 | CVE-2024-41243 | Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0 An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details. | 5.3 |
| 2024-08-07 | CVE-2024-41244 | Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0 An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details. | 5.3 |
| 2024-08-07 | CVE-2024-41245 | Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0 An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details. | 5.3 |
| 2024-08-07 | CVE-2024-41250 | Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0 An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details. | 5.3 |
| 2024-08-07 | CVE-2024-41246 | Unspecified vulnerability in Lopalopa Responsive School Management System 3.2.0 An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard. | 5.3 |