Das Infomedia School Management System for WordPress
Approved changes feed: RSS · Atom
cpe:2.3:a:dasinfomedia:school_management_system:-:*:*:*:*:wordpress:*:*
part: a version: - update: *
| Vendor | Dasinfomedia (f71b3358-be41-5266-a8b4-0ec752d5d637) |
|---|---|
| Product | School Management System (32b12164-7f77-5f52-95a6-fc97a151940d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-9659 |
vulnerable | 2026-06-08 07:00:28.414495 |
School Management <= 91.5.0 - Unauthenticated Arbitrary File Upload
CRITICAL (9.8)
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mj_smgt_user_avatar_image_upload() function in all versions up to, and including, 91.5.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Published: 2024-11-23T07:38:07.945Z
Updated: 2026-04-08T17:35:15.956Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14843 |
vulnerable | 2026-06-08 05:08:57.492576 |
Details available
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
Published: 2017-09-27T20:00:00.000Z
Updated: 2024-08-05T19:42:21.366Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.