Vulnerabilities > THE School Manage System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-10507 | Unrestricted Upload of File with Dangerous Type vulnerability in the School Manage System Project the School Manage System The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine. | 9.8 |
| 2020-04-15 | CVE-2020-10506 | Path Traversal vulnerability in the School Manage System Project the School Manage System The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files. | 7.5 |
| 2020-04-15 | CVE-2020-10505 | SQL Injection vulnerability in the School Manage System Project the School Manage System The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password. | 9.8 |