GCVE - cpe:2.3:a:janobe:school_attendance_monitoring

Approved changes feed: RSS · Atom

cpe:2.3:a:janobe:school_attendance_monitoring_system:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Janobe (`958e97e2-37fb-58eb-baa2-792f3e424acf`)
Product	School Attendance Monitoring System (`b3b82bd9-fdeb-5f05-b44f-aa143597bb40`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-33974`	vulnerable	2026-06-03 14:55:53.291356	SQL injection in Janobe products CRITICAL (9.8) SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Users in '/report/printlogs.php' parameter. Published: 2024-08-06T11:57:17.030Z Updated: 2024-08-06T18:39:40.319Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33973`	vulnerable	2026-06-03 14:55:53.290880	SQL injection in Janobe products CRITICAL (9.8) SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/report/attendance_print.php' parameter. Published: 2024-08-06T11:56:55.835Z Updated: 2024-08-06T18:41:22.407Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33972`	vulnerable	2026-06-03 14:55:53.290387	SQL injection in Janobe products CRITICAL (9.8) SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'events' in '/report/event_print.php' parameter. Published: 2024-08-06T11:56:27.429Z Updated: 2024-08-06T13:39:34.735Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33970`	vulnerable	2026-06-03 14:55:53.289412	SQL injection in Janobe products CRITICAL (9.8) SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'studid' in '/candidate/controller.php' parameter. Published: 2024-08-06T11:55:29.937Z Updated: 2024-08-08T15:53:35.811Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33969`	vulnerable	2026-06-03 14:55:53.288878	SQL injection in Janobe products CRITICAL (9.8) SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/AttendanceMonitoring/department/index.php' parameter. Published: 2024-08-06T11:55:02.847Z Updated: 2024-08-06T14:25:33.422Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33968`	vulnerable	2026-06-03 14:55:53.288053	SQL injection in Janobe products CRITICAL (9.8) SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/index.php' parameter. Published: 2024-08-06T11:54:22.043Z Updated: 2024-08-06T13:41:18.731Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33967`	vulnerable	2026-06-03 14:55:53.285344	SQL injection in Janobe products CRITICAL (9.8) SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/attendance_print.php' parameter. Published: 2024-08-06T11:53:34.083Z Updated: 2024-08-07T18:40:09.828Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-janobe-products	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

School Attendance Monitoring System

PURL mappings

Vulnerability references

Contribute