Vulnerabilities > Schoolbox > High

DATE CVE VULNERABILITY TITLE RISK
2024-03-07 CVE-2024-28094 SQL Injection vulnerability in Schoolbox 21.0.2
Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records.
network
low complexity
schoolbox CWE-89
8.8
2022-10-31 CVE-2022-3059 SQL Injection vulnerability in Schoolbox 21.0.2
The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter.
network
low complexity
schoolbox CWE-89
7.5