Arox School Management Software Php Mysql vulnerabilities
2 known vulnerabilities affecting arox/school_management_software_php_mysql.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-8505P3MEDIUMCVSS 6.5PoC≤ 2019-03-142020-01-31
CVE-2020-8505 [MEDIUM] CWE-352 CVE-2020-8505: School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user.
nvd
CVE-2020-8504P3MEDIUMCVSS 6.5PoC≤ 2019-03-142020-01-31
CVE-2020-8504 [MEDIUM] CWE-352 CVE-2020-8504: School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user.
nvd