School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| school_attendance_monitoring_system_project | school_attendance_monitoring_system | 1.0 |
Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| school_attendance_monitoring_system_project | school_attendance_monitoring_system | 1.0 |
School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| school_attendance_monitoring_system_project | school_attendance_monitoring_system | 1.0 |