7.5
CVSSv2

CVE-2014-1636

Published: 22/01/2014 Updated: 30/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 810
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote malicious users to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4) admin_terms.php, (5) admin_school_years.php, (6) admin_sgrades.php, (7) admin_media_codes_1.php, (8) admin_infraction_codes.php, (9) admin_generations.php, (10) admin_relations.php, (11) admin_titles.php, or (12) health_allergies.php in sw/.

Vulnerable Product Search on Vulmon Subscribe to Product

doug poulin command school student management system 1.06.01

Exploits

source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulnerabi ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass v ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulnerabili ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vul ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypa ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulne ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulnera ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulnerability Expl ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulnerability E ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulnerability ...
source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-bypass vulnerability ...