Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49983 | 1 Oretnom23 | 1 School Fees Management System | 2025-04-16 | N/A | 6.8 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | |||||
| CVE-2023-49982 | 1 Oretnom23 | 1 School Fees Management System | 2025-04-16 | N/A | 8.8 HIGH |
| Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts. | |||||
| CVE-2023-49986 | 1 Oretnom23 | 1 School Fees Management System | 2025-04-16 | N/A | 4.7 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | |||||
| CVE-2023-49985 | 1 Oretnom23 | 1 School Fees Management System | 2025-04-16 | N/A | 6.5 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter. | |||||
| CVE-2023-49984 | 1 Oretnom23 | 1 School Fees Management System | 2025-04-16 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /management/settings of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | |||||
| CVE-2023-49987 | 1 Oretnom23 | 1 School Fees Management System | 2025-04-16 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter. | |||||