Vulnerabilities > THE School Manage System Project

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-10507 Unrestricted Upload of File with Dangerous Type vulnerability in the School Manage System Project the School Manage System
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine.
network
low complexity
the-school-manage-system-project CWE-434
7.5
2020-04-15 CVE-2020-10506 Path Traversal vulnerability in the School Manage System Project the School Manage System
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files.
network
low complexity
the-school-manage-system-project CWE-22
5.0
2020-04-15 CVE-2020-10505 SQL Injection vulnerability in the School Manage System Project the School Manage System
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password.
network
low complexity
the-school-manage-system-project CWE-89
7.5