Filtered by vendor Arox
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13294 | 1 Arox | 1 School-erp | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system. | |||||
| CVE-2017-15978 | 1 Arox | 1 School Erp Php Script | 2017-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter. | |||||