Vulnerabilities > THE School Manage System Project > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-10507 | Unrestricted Upload of File with Dangerous Type vulnerability in the School Manage System Project the School Manage System The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting machine. | 9.8 |
| 2020-04-15 | CVE-2020-10505 | SQL Injection vulnerability in the School Manage System Project the School Manage System The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password. | 9.8 |