Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2014-1636

Publish Date: 07 Jan 2014

                							

                source: http://www.securityfocus.com/bid/64707/info
  
Command School Student Management System is prone to the following security vulnerabilities:
  
1. Multiple SQL-injection vulnerabilities
2. A cross-site request forgery vulnerability
3. A cross-site scripting vulnerability
4. An HTML injection vulnerability
5. A security-bypass vulnerability
  
Exploiting these issues could allow an attacker to run malicious HTML and script codes, steal cookie-based authentication credentials, compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or bypass certain security restrictions to perform unauthorized actions.
  
Command School Student Management System 1.06.01 is vulnerable; other versions may also be affected. 

http://www.example.com/sw/admin_school_years.php?action=edit&amp;id=null+and+1=2+union+select+version()

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Command School Student Management System - '/sw/admin_school_years.php?id' SQL Injection

Vulmon Search

About

Products

Connect