Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 22/01/2014 Updated: 30/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Subscribe to Command School Student Management System

Command School Student Management System 1.06.01 does not properly restrict access to sw/backup/backup_ray2.php, which allows remote malicious users to download a database backup via a direct request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
doug poulin command school student management system 1.06.01

source: wwwsecurityfocuscom/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1 Multiple SQL-injection vulnerabilities 2 A cross-site request forgery vulnerability 3 A cross-site scripting vulnerability 4 An HTML injection vulnerability 5 A security-by ...

CWE-200 http://packetstormsecurity.com/files/124708/Command-School-Student-Management-System-1.06.01-SQL-Injection-CSRF-XSS.html http://osvdb.org/101888 http://www.securityfocus.com/bid/64707 https://nvd.nist.gov https://www.exploit-db.com/exploits/38956/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-1637

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect