Campcodes Complete Web Based School Management System

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Campcodes Complete Web Based School Management System.

By the Year

In 2026 there have been 0 vulnerabilities in Campcodes Complete Web Based School Management System. Complete Web Based School Management System did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	0	0.00
2024	104	6.39

It may take a day or so for new Complete Web Based School Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Campcodes Complete Web Based School Management System Security Vulnerabilities

SQLi in /model/approve_petty_cash.php of Campcodes School Mgt Sys 1.0
CVE-2024-33402 - May 28, 2024

A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.

SQL Injection in campcodes School Management System 1.0 (get_teacher.php)
CVE-2024-33799 - May 28, 2024

A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.

CVE-2024-33800: SQLi via index in get_student1.php (CWSMS 1.0)
CVE-2024-33800 - May 28, 2024

A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter.

SQLi in /model/get_subject_routing.php of Campcodes School Mgmt 1.0 via id
CVE-2024-33801 - May 28, 2024

A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.

CVE-2024-33802: SQLi in /model/get_student_subject.php of campcodes CMS 1.0
CVE-2024-33802 - May 28, 2024

A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter.

SQLi in campcodes CWBSMS v1.0 /model/get_exam.php id param
CVE-2024-33803 - May 28, 2024

A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.

SQLi via /model/get_subject.php id in campcodes CMS 1.0
CVE-2024-33804 - May 28, 2024

A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.

SQLi in campcodes Complete Web-Based School Mgmt 1.0 /model/get_student.php ID
CVE-2024-33805 - May 28, 2024

A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.

Sqli in Complete Web-Based School Management System 1.0 get_grade.php
CVE-2024-33806 - May 28, 2024

A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.

SQLi via grade param in /model/get_teacher_timetable.php (campsims 1.0)
CVE-2024-33807 - May 28, 2024

A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.

SQLi in campcodes CWSMS 1.0 via 'id' in get_timetable.php
CVE-2024-33808 - May 28, 2024

A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.

SQLi in /model/update_classroom.php Campcodes CMS 1.0 (before patch)
CVE-2024-34927 - May 23, 2024

A SQL injection vulnerability in /model/update_classroom.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.

SQLi via grade param in /model/update_subject_routing.php (CMMS 1.0)
CVE-2024-34928 - May 23, 2024

A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.

SQLi in Campcodes CMS 1.0 /view/find_friends.php my_index param
CVE-2024-34929 - May 23, 2024

A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter.

SQLi in /model/all_events1.php of Campcodes Web School Mngmnt Sys 1.0
CVE-2024-34930 - May 23, 2024

A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter.

SQLi via name param in Campcodes Complete School Mgmt Sys 1.0
CVE-2024-34931 - May 23, 2024

A SQL injection vulnerability in /model/update_subject.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.

CVE-2024-34932: SQLI via NAME in Campcodes 1.0 update_exam.php
CVE-2024-34932 - May 23, 2024

A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.

Campcodes CMS 1.0 SQLi via admission_fee param
CVE-2024-34933 - May 23, 2024

A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter.

Campcodes Complete Web-Based School Management System 1.0 SQLi via conversation_id
CVE-2024-34934 - May 23, 2024

A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.

SQLI in /view/conversation_history_admin.php of Campcodes CMS 1.0
CVE-2024-34935 - May 23, 2024

A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter.

SQL Injection via month param in event1.php (Campcodes CMS 1.0)
CVE-2024-34936 - May 23, 2024

A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter.

SQLi via my_index in Campcodes CMS v1.0 /view/unread_msg.php
CVE-2024-5240 6.5 - Medium - May 23, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/unread_msg.php. The manipulation of the argument my_index leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265991.

SQL Injection

Campcodes School Mgmt 1.0: SQLi in timetable_grade_wise.php
CVE-2024-5237 6.5 - Medium - May 23, 2024

A vulnerability, which was classified as critical, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /view/timetable_grade_wise.php. The manipulation of the argument grade leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265988.

SQL Injection

Campcodes CMS 1.0 SQL Insertion via grade on timetable_insert_form.php
CVE-2024-5238 6.5 - Medium - May 23, 2024

A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/timetable_insert_form.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265989 was assigned to this vulnerability.

SQL Injection

SQLi in Campcodes CMS v1.0 via grade arg in timetable_update_form.php
CVE-2024-5239 6.5 - Medium - May 23, 2024

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/timetable_update_form.php. The manipulation of the argument grade leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-265990 is the identifier assigned to this vulnerability.

Campcodes 1.0 SQLi via /view/teacher_salary_invoice1.php date arg
CVE-2024-5236 6.5 - Medium - May 23, 2024

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_salary_invoice1.php. The manipulation of the argument date leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265987.

SQL Injection

SQLi via teacher_id in Campcodes Complete Web-Based School Management System 1.0
CVE-2024-5235 6.5 - Medium - May 23, 2024

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_salary_invoice.php. The manipulation of the argument teacher_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-265986 is the identifier assigned to this vulnerability.

SQL Injection

Campcodes Web School Sys 1.0 SQLi in teacher_salary_details3.php
CVE-2024-5233 6.5 - Medium - May 23, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/teacher_salary_details3.php. The manipulation of the argument index leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265984.

SQL Injection

CVE-2024-5234: Critical PHP SQLi in Campcodes CMS 1.0 teacher_salary_history1.php
CVE-2024-5234 6.5 - Medium - May 23, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/teacher_salary_history1.php. The manipulation of the argument index leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265985 was assigned to this vulnerability.

SQL Injection

Campcodes Complete Web-Based School Management System 1.0 SQLi in teacher_salary_details2.php
CVE-2024-5232 6.5 - Medium - May 23, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/teacher_salary_details2.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265983.

SQL Injection

SQLi via /view/teacher_salary_details.php in Campcodes CMS 1.0
CVE-2024-5231 6.5 - Medium - May 23, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/teacher_salary_details.php. The manipulation of the argument index leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-265982 is the identifier assigned to this vulnerability.

SQL Injection

SQLi in Campcodes CMS 1.0 /view/teacher_profile.php - Critical Vulnerability
CVE-2024-5115 6.5 - Medium - May 20, 2024

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_profile.php. The manipulation of the argument index leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265105 was assigned to this vulnerability.

SQL Injection

Campcodes CMS 1.0 SQLi via teacher_attendance_history1.php
CVE-2024-5114 6.5 - Medium - May 20, 2024

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_attendance_history1.php. The manipulation of the argument index leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265104.

SQL Injection

Campcodes CMS 1.0: Remote SQLi via std_index (cve-2024-5113)
CVE-2024-5113 6.5 - Medium - May 20, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/student_profile1.php. The manipulation of the argument std_index leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265103.

SQL Injection

Campcodes CSWS 1.0: SQLi in student_profile.php via std_index
CVE-2024-5112 6.5 - Medium - May 20, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/student_profile.php. The manipulation of the argument std_index leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-265102 is the identifier assigned to this vulnerability.

SQL Injection

SQLi in Campcodes CMS 1.0 via /view/student_payment_invoice.php
CVE-2024-5110 6.5 - Medium - May 20, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view/student_payment_invoice.php. The manipulation of the argument index leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265100.

SQL Injection

Campcodes School Sys 1.0 PHP SQLi via date in student_payment_invoice1.php
CVE-2024-5111 6.5 - Medium - May 20, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/student_payment_invoice1.php. The manipulation of the argument date leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265101 was assigned to this vulnerability.

SQL Injection

SQLi in Campcodes 1.0 Web School Mgmt Sys /view/student_payment_history.php
CVE-2024-5109 6.5 - Medium - May 20, 2024

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /view/student_payment_history.php. The manipulation of the argument index leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265099.

SQL Injection

Campcodes CMS 1.0 Crit SQLi in student_payment_details2.php
CVE-2024-5107 6.5 - Medium - May 20, 2024

A vulnerability, which was classified as critical, has been found in Campcodes Complete Web-Based School Management System 1.0. This issue affects some unknown processing of the file /view/student_payment_details2.php. The manipulation of the argument index leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265097 was assigned to this vulnerability.

SQL Injection

Campcodes CMS 1.0 Remote SQLi via /view/student_payment_details4.php
CVE-2024-5108 6.5 - Medium - May 20, 2024

A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/student_payment_details4.php. The manipulation of the argument index leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-265098 is the identifier assigned to this vulnerability.

SQL Injection

CVE-2024-5105: SQLi in Campcodes 1.0 student_payment_details.php
CVE-2024-5105 8.8 - High - May 19, 2024

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/student_payment_details.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265095.

SQL Injection

SQLi via Argument Index in Campcodes School Management System 1.0
CVE-2024-5106 8.8 - High - May 19, 2024

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file /view/student_payment_details3.php. The manipulation of the argument index leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265096.

SQL Injection

SQLi in Campcodes CMS 1.0 via student_grade_wise.php
CVE-2024-5104 8.8 - High - May 19, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/student_grade_wise.php. The manipulation of the argument grade leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-265094 is the identifier assigned to this vulnerability.

SQL Injection

Critical SQLi via grade arg in Campcodes 1.0 student_first_payment.php (remote)
CVE-2024-5103 8.8 - High - May 19, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/student_first_payment.php. The manipulation of the argument grade leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265093 was assigned to this vulnerability.

Campcodes 1.0: Remote SQLi via exam arg in student_exam_mark_update_form.php
CVE-2024-4911 6.5 - Medium - May 15, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/student_exam_mark_update_form.php. The manipulation of the argument exam leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-264446 is the identifier assigned to this vulnerability.

SQL Injection

Critical SQLi in Campcodes CSMS 1.0 via grade param
CVE-2024-4910 6.5 - Medium - May 15, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/student_exam_mark_insert_form1.php. The manipulation of the argument grade leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264445 was assigned to this vulnerability.

SQL Injection

SQLi via grade param in Campcodes SchoolMS 1.0 /view/show_student2.php
CVE-2024-4907 6.5 - Medium - May 15, 2024

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/show_student2.php. The manipulation of the argument grade leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-264442 is the identifier assigned to this vulnerability.

SQL Injection

Critical SQLi in Campcodes CSMS 1.0 via student_attendance_history1.php
CVE-2024-4908 6.5 - Medium - May 15, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/student_attendance_history1.php. The manipulation of the argument index leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-264443.

SQL Injection

Campcodes CMS 1.0 SQLi via due_year in student_due_payment.php
CVE-2024-4909 6.5 - Medium - May 15, 2024

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /view/student_due_payment.php. The manipulation of the argument due_year leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264444.

SQLi in Campcodes School Mgmt Sys 1.0 /view/show_student1.php
CVE-2024-4906 7.5 - High - May 15, 2024

A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/show_student1.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264441 was assigned to this vulnerability.

SQL Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Campcodes Complete Web Based School Management System or by Campcodes? Click the Watch button to subscribe.

Campcodes
Vendor

Campcodes Complete Web Based School Management System
Product

Campcodes Complete Web Based School Management System

Don't miss out!

By the Year

Recent Campcodes Complete Web Based School Management System Security Vulnerabilities

SQLi in /model/approve_petty_cash.php of Campcodes School Mgt Sys 1.0 CVE-2024-33402 - May 28, 2024

SQL Injection in campcodes School Management System 1.0 (get_teacher.php) CVE-2024-33799 - May 28, 2024

CVE-2024-33800: SQLi via index in get_student1.php (CWSMS 1.0) CVE-2024-33800 - May 28, 2024

SQLi in /model/get_subject_routing.php of Campcodes School Mgmt 1.0 via id CVE-2024-33801 - May 28, 2024

CVE-2024-33802: SQLi in /model/get_student_subject.php of campcodes CMS 1.0 CVE-2024-33802 - May 28, 2024

SQLi in campcodes CWBSMS v1.0 /model/get_exam.php id param CVE-2024-33803 - May 28, 2024

SQLi via /model/get_subject.php id in campcodes CMS 1.0 CVE-2024-33804 - May 28, 2024

SQLi in campcodes Complete Web-Based School Mgmt 1.0 /model/get_student.php ID CVE-2024-33805 - May 28, 2024

Sqli in Complete Web-Based School Management System 1.0 get_grade.php CVE-2024-33806 - May 28, 2024

SQLi via grade param in /model/get_teacher_timetable.php (campsims 1.0) CVE-2024-33807 - May 28, 2024

SQLi in campcodes CWSMS 1.0 via 'id' in get_timetable.php CVE-2024-33808 - May 28, 2024

SQLi in /model/update_classroom.php Campcodes CMS 1.0 (before patch) CVE-2024-34927 - May 23, 2024

SQLi via grade param in /model/update_subject_routing.php (CMMS 1.0) CVE-2024-34928 - May 23, 2024

SQLi in Campcodes CMS 1.0 /view/find_friends.php my_index param CVE-2024-34929 - May 23, 2024

SQLi in /model/all_events1.php of Campcodes Web School Mngmnt Sys 1.0 CVE-2024-34930 - May 23, 2024

SQLi via name param in Campcodes Complete School Mgmt Sys 1.0 CVE-2024-34931 - May 23, 2024

CVE-2024-34932: SQLI via NAME in Campcodes 1.0 update_exam.php CVE-2024-34932 - May 23, 2024

Campcodes CMS 1.0 SQLi via admission_fee param CVE-2024-34933 - May 23, 2024

Campcodes Complete Web-Based School Management System 1.0 SQLi via conversation_id CVE-2024-34934 - May 23, 2024

SQLI in /view/conversation_history_admin.php of Campcodes CMS 1.0 CVE-2024-34935 - May 23, 2024

SQL Injection via month param in event1.php (Campcodes CMS 1.0) CVE-2024-34936 - May 23, 2024

SQLi via my_index in Campcodes CMS v1.0 /view/unread_msg.php CVE-2024-5240 6.5 - Medium - May 23, 2024

Campcodes School Mgmt 1.0: SQLi in timetable_grade_wise.php CVE-2024-5237 6.5 - Medium - May 23, 2024

Campcodes CMS 1.0 SQL Insertion via grade on timetable_insert_form.php CVE-2024-5238 6.5 - Medium - May 23, 2024

SQLi in Campcodes CMS v1.0 via grade arg in timetable_update_form.php CVE-2024-5239 6.5 - Medium - May 23, 2024

Campcodes 1.0 SQLi via /view/teacher_salary_invoice1.php date arg CVE-2024-5236 6.5 - Medium - May 23, 2024

SQLi via teacher_id in Campcodes Complete Web-Based School Management System 1.0 CVE-2024-5235 6.5 - Medium - May 23, 2024

Campcodes Web School Sys 1.0 SQLi in teacher_salary_details3.php CVE-2024-5233 6.5 - Medium - May 23, 2024

CVE-2024-5234: Critical PHP SQLi in Campcodes CMS 1.0 teacher_salary_history1.php CVE-2024-5234 6.5 - Medium - May 23, 2024

Campcodes Complete Web-Based School Management System 1.0 SQLi in teacher_salary_details2.php CVE-2024-5232 6.5 - Medium - May 23, 2024

SQLi via /view/teacher_salary_details.php in Campcodes CMS 1.0 CVE-2024-5231 6.5 - Medium - May 23, 2024

SQLi in Campcodes CMS 1.0 /view/teacher_profile.php - Critical Vulnerability CVE-2024-5115 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0 SQLi via teacher_attendance_history1.php CVE-2024-5114 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0: Remote SQLi via std_index (cve-2024-5113) CVE-2024-5113 6.5 - Medium - May 20, 2024

Campcodes CSWS 1.0: SQLi in student_profile.php via std_index CVE-2024-5112 6.5 - Medium - May 20, 2024

SQLi in Campcodes CMS 1.0 via /view/student_payment_invoice.php CVE-2024-5110 6.5 - Medium - May 20, 2024

Campcodes School Sys 1.0 PHP SQLi via date in student_payment_invoice1.php CVE-2024-5111 6.5 - Medium - May 20, 2024

SQLi in Campcodes 1.0 Web School Mgmt Sys /view/student_payment_history.php CVE-2024-5109 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0 Crit SQLi in student_payment_details2.php CVE-2024-5107 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0 Remote SQLi via /view/student_payment_details4.php CVE-2024-5108 6.5 - Medium - May 20, 2024

CVE-2024-5105: SQLi in Campcodes 1.0 student_payment_details.php CVE-2024-5105 8.8 - High - May 19, 2024

SQLi via Argument Index in Campcodes School Management System 1.0 CVE-2024-5106 8.8 - High - May 19, 2024

SQLi in Campcodes CMS 1.0 via student_grade_wise.php CVE-2024-5104 8.8 - High - May 19, 2024

Critical SQLi via grade arg in Campcodes 1.0 student_first_payment.php (remote) CVE-2024-5103 8.8 - High - May 19, 2024

Campcodes 1.0: Remote SQLi via exam arg in student_exam_mark_update_form.php CVE-2024-4911 6.5 - Medium - May 15, 2024

Critical SQLi in Campcodes CSMS 1.0 via grade param CVE-2024-4910 6.5 - Medium - May 15, 2024

SQLi via grade param in Campcodes SchoolMS 1.0 /view/show_student2.php CVE-2024-4907 6.5 - Medium - May 15, 2024

Critical SQLi in Campcodes CSMS 1.0 via student_attendance_history1.php CVE-2024-4908 6.5 - Medium - May 15, 2024

Campcodes CMS 1.0 SQLi via due_year in student_due_payment.php CVE-2024-4909 6.5 - Medium - May 15, 2024

SQLi in Campcodes School Mgmt Sys 1.0 /view/show_student1.php CVE-2024-4906 7.5 - High - May 15, 2024

Stay on top of Security Vulnerabilities

Campcodes Vendor

Campcodes Complete Web Based School Management SystemProduct

SQLi in /model/approve_petty_cash.php of Campcodes School Mgt Sys 1.0
CVE-2024-33402 - May 28, 2024

SQL Injection in campcodes School Management System 1.0 (get_teacher.php)
CVE-2024-33799 - May 28, 2024

CVE-2024-33800: SQLi via index in get_student1.php (CWSMS 1.0)
CVE-2024-33800 - May 28, 2024

SQLi in /model/get_subject_routing.php of Campcodes School Mgmt 1.0 via id
CVE-2024-33801 - May 28, 2024

CVE-2024-33802: SQLi in /model/get_student_subject.php of campcodes CMS 1.0
CVE-2024-33802 - May 28, 2024

SQLi in campcodes CWBSMS v1.0 /model/get_exam.php id param
CVE-2024-33803 - May 28, 2024

SQLi via /model/get_subject.php id in campcodes CMS 1.0
CVE-2024-33804 - May 28, 2024

SQLi in campcodes Complete Web-Based School Mgmt 1.0 /model/get_student.php ID
CVE-2024-33805 - May 28, 2024

Sqli in Complete Web-Based School Management System 1.0 get_grade.php
CVE-2024-33806 - May 28, 2024

SQLi via grade param in /model/get_teacher_timetable.php (campsims 1.0)
CVE-2024-33807 - May 28, 2024

SQLi in campcodes CWSMS 1.0 via 'id' in get_timetable.php
CVE-2024-33808 - May 28, 2024

SQLi in /model/update_classroom.php Campcodes CMS 1.0 (before patch)
CVE-2024-34927 - May 23, 2024

SQLi via grade param in /model/update_subject_routing.php (CMMS 1.0)
CVE-2024-34928 - May 23, 2024

SQLi in Campcodes CMS 1.0 /view/find_friends.php my_index param
CVE-2024-34929 - May 23, 2024

SQLi in /model/all_events1.php of Campcodes Web School Mngmnt Sys 1.0
CVE-2024-34930 - May 23, 2024

SQLi via name param in Campcodes Complete School Mgmt Sys 1.0
CVE-2024-34931 - May 23, 2024

CVE-2024-34932: SQLI via NAME in Campcodes 1.0 update_exam.php
CVE-2024-34932 - May 23, 2024

Campcodes CMS 1.0 SQLi via admission_fee param
CVE-2024-34933 - May 23, 2024

Campcodes Complete Web-Based School Management System 1.0 SQLi via conversation_id
CVE-2024-34934 - May 23, 2024

SQLI in /view/conversation_history_admin.php of Campcodes CMS 1.0
CVE-2024-34935 - May 23, 2024

SQL Injection via month param in event1.php (Campcodes CMS 1.0)
CVE-2024-34936 - May 23, 2024

SQLi via my_index in Campcodes CMS v1.0 /view/unread_msg.php
CVE-2024-5240 6.5 - Medium - May 23, 2024

Campcodes School Mgmt 1.0: SQLi in timetable_grade_wise.php
CVE-2024-5237 6.5 - Medium - May 23, 2024

Campcodes CMS 1.0 SQL Insertion via grade on timetable_insert_form.php
CVE-2024-5238 6.5 - Medium - May 23, 2024

SQLi in Campcodes CMS v1.0 via grade arg in timetable_update_form.php
CVE-2024-5239 6.5 - Medium - May 23, 2024

Campcodes 1.0 SQLi via /view/teacher_salary_invoice1.php date arg
CVE-2024-5236 6.5 - Medium - May 23, 2024

SQLi via teacher_id in Campcodes Complete Web-Based School Management System 1.0
CVE-2024-5235 6.5 - Medium - May 23, 2024

Campcodes Web School Sys 1.0 SQLi in teacher_salary_details3.php
CVE-2024-5233 6.5 - Medium - May 23, 2024

CVE-2024-5234: Critical PHP SQLi in Campcodes CMS 1.0 teacher_salary_history1.php
CVE-2024-5234 6.5 - Medium - May 23, 2024

Campcodes Complete Web-Based School Management System 1.0 SQLi in teacher_salary_details2.php
CVE-2024-5232 6.5 - Medium - May 23, 2024

SQLi via /view/teacher_salary_details.php in Campcodes CMS 1.0
CVE-2024-5231 6.5 - Medium - May 23, 2024

SQLi in Campcodes CMS 1.0 /view/teacher_profile.php - Critical Vulnerability
CVE-2024-5115 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0 SQLi via teacher_attendance_history1.php
CVE-2024-5114 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0: Remote SQLi via std_index (cve-2024-5113)
CVE-2024-5113 6.5 - Medium - May 20, 2024

Campcodes CSWS 1.0: SQLi in student_profile.php via std_index
CVE-2024-5112 6.5 - Medium - May 20, 2024

SQLi in Campcodes CMS 1.0 via /view/student_payment_invoice.php
CVE-2024-5110 6.5 - Medium - May 20, 2024

Campcodes School Sys 1.0 PHP SQLi via date in student_payment_invoice1.php
CVE-2024-5111 6.5 - Medium - May 20, 2024

SQLi in Campcodes 1.0 Web School Mgmt Sys /view/student_payment_history.php
CVE-2024-5109 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0 Crit SQLi in student_payment_details2.php
CVE-2024-5107 6.5 - Medium - May 20, 2024

Campcodes CMS 1.0 Remote SQLi via /view/student_payment_details4.php
CVE-2024-5108 6.5 - Medium - May 20, 2024

CVE-2024-5105: SQLi in Campcodes 1.0 student_payment_details.php
CVE-2024-5105 8.8 - High - May 19, 2024

SQLi via Argument Index in Campcodes School Management System 1.0
CVE-2024-5106 8.8 - High - May 19, 2024

SQLi in Campcodes CMS 1.0 via student_grade_wise.php
CVE-2024-5104 8.8 - High - May 19, 2024

Critical SQLi via grade arg in Campcodes 1.0 student_first_payment.php (remote)
CVE-2024-5103 8.8 - High - May 19, 2024

Campcodes 1.0: Remote SQLi via exam arg in student_exam_mark_update_form.php
CVE-2024-4911 6.5 - Medium - May 15, 2024

Critical SQLi in Campcodes CSMS 1.0 via grade param
CVE-2024-4910 6.5 - Medium - May 15, 2024

SQLi via grade param in Campcodes SchoolMS 1.0 /view/show_student2.php
CVE-2024-4907 6.5 - Medium - May 15, 2024

Critical SQLi in Campcodes CSMS 1.0 via student_attendance_history1.php
CVE-2024-4908 6.5 - Medium - May 15, 2024

Campcodes CMS 1.0 SQLi via due_year in student_due_payment.php
CVE-2024-4909 6.5 - Medium - May 15, 2024

SQLi in Campcodes School Mgmt Sys 1.0 /view/show_student1.php
CVE-2024-4906 7.5 - High - May 15, 2024

Campcodes
Vendor

Campcodes Complete Web Based School Management System
Product