CVE-2024-46334

Medium CVSS: 6.1

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser and formpassword parameters in /adminLogin.php.

Vendor

Product

CWE

Yayın Tarihi

2025-11-17 17:15:46

Güncelleme

2025-11-19 13:10:14

Source Identifier

cve@mitre.org

KEV Date Added

CWE-79 School Management System MEDIUM Kashipara 2025

https://github.com/leexsoyoung/CVEs/blob/main/CVE-2024-46334.md https://www.kashipara.com/project/php/73/school-management-system-download-project-source-code-in-php

Medium

CVE-2026-26464

Stored Cross-Site Scripting (XSS) was found in the /admin/edit_user.php page of Society Management System Portal V1.0, w…

Medium

CVE-2024-44651

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the recover_email parameter in user_password_recover.…

Medium

CVE-2024-44653

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email parameter in user_login.php.

Medium

CVE-2024-44652

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email, username, user_firstname, user_lastna…

Medium

CVE-2024-46336

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /client_user/feedback.php.

Medium

CVE-2025-26158

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page of Kashipara Online Att…