Vulnerabilities > Schoolbox > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-07 | CVE-2024-28094 | SQL Injection vulnerability in Schoolbox 21.0.2 Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records. | 8.8 |
2022-10-31 | CVE-2022-3059 | SQL Injection vulnerability in Schoolbox 21.0.2 The application was vulnerable to multiple instances of SQL injection (authenticated and unauthenticated) through a vulnerable parameter. | 7.5 |