GCVE - cpe:2.3:a:kashipara:responsive_school_management

Approved changes feed: RSS · Atom

cpe:2.3:a:kashipara:responsive_school_management_system:3.2.0:*:*:*:*:*:*:*

part: a version: 3.2.0 update: *

Vendor	Kashipara (`6b7db86c-2a94-5a2d-adbe-6158c7191f84`)
Product	Responsive School Management System (`b20ff8e7-33f2-5ed8-90f2-a1c149ad8562`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-41252`	vulnerable	2026-06-03 14:56:34.276945	Details available An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve student registration. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-07T18:19:35.860Z Open on db.gcve.eu Reference links https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Dashboard%20-%20Registered%20Student.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41251`	vulnerable	2026-06-03 14:56:34.276593	Details available An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration. Published: 2024-08-07T00:00:00.000Z Updated: 2025-03-13T20:19:49.815Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Dashboard%20-%20Registered%20Teacher.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41250`	vulnerable	2026-06-03 14:56:34.276253	Details available An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details. Published: 2024-08-07T00:00:00.000Z Updated: 2025-03-14T15:53:47.031Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Students.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41249`	vulnerable	2026-06-03 14:56:34.275903	Details available An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-07T19:56:43.497Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Subjects.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41248`	vulnerable	2026-06-03 14:56:34.275545	Details available An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-07T19:58:46.379Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Master%20-%20Add%20Subject.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41247`	vulnerable	2026-06-03 14:56:34.275196	Details available An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-07T17:36:54.752Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Master%20-%20Add%20Classes.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41246`	vulnerable	2026-06-03 14:56:34.274831	Details available An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view administrator dashboard. Published: 2024-08-07T00:00:00.000Z Updated: 2025-03-27T15:52:22.066Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20Dashboard.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41245`	vulnerable	2026-06-03 14:56:34.274465	Details available An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-08T14:11:50.594Z Open on db.gcve.eu Reference links https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Teachers.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41244`	vulnerable	2026-06-03 14:56:34.273902	Details available An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-08T14:08:50.030Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Broken%20Access%20Control%20-%20Admin%20-%20View%20Class.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41242`	vulnerable	2026-06-03 14:56:34.273136	Details available A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-07T20:12:51.643Z Open on db.gcve.eu Reference links https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Student.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41241`	vulnerable	2026-06-03 14:56:34.272762	Details available A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter. Published: 2024-08-07T00:00:00.000Z Updated: 2024-09-03T18:16:30.775Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Admin.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41240`	vulnerable	2026-06-03 14:56:34.272409	Details available A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter. Published: 2024-08-07T00:00:00.000Z Updated: 2024-08-13T14:18:18.666Z Open on db.gcve.eu Reference links https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Reflected%20XSS%20-%20Teacher.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-41236`	vulnerable	2026-06-03 14:56:34.267960	Details available A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the Admin Login Page Published: 2024-08-28T00:00:00.000Z Updated: 2024-08-28T18:05:05.030Z Open on db.gcve.eu Reference links https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/SQL%20Injection%20-%20Admin.pdf	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Responsive School Management System

PURL mappings

Vulnerability references

Contribute