Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Campcodes Subscribe
Filtered by product Complete Web-based School Management System
Total 92 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-33403 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /model/get_events.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the event_id parameter.
CVE-2024-33404 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 8.3 HIGH
A SQL injection vulnerability in /model/add_student_first_payment.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter.
CVE-2024-33405 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 8.6 HIGH
SQL injection vulnerability in add_friends.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the friend_index parameter.
CVE-2024-33406 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 7.3 HIGH
SQL injection vulnerability in /model/delete_student_grade_subject.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter.
CVE-2024-33407 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 5.9 MEDIUM
SQL injection vulnerability in /model/delete_record.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33408 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /model/get_classroom.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33409 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
SQL injection vulnerability in index.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-33410 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 8.1 HIGH
SQL injection vulnerability in /model/delete_range_grade.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.
CVE-2024-33411 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /model/get_admin_profile.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the my_index parameter.
CVE-2024-34927 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /model/update_classroom.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34928 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 7.3 HIGH
A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.
CVE-2024-34929 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter.
CVE-2024-34930 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 5.3 MEDIUM
A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter.
CVE-2024-34931 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /model/update_subject.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34932 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34933 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 6.3 MEDIUM
A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter.
CVE-2024-34934 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.
CVE-2024-34935 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.
CVE-2024-34936 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 8.6 HIGH
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter.
CVE-2024-33799 1 Campcodes 1 Complete Web-based School Management System 2025-03-25 N/A 9.8 CRITICAL
A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.