Student Information System

student_information_system

Vendor: Academiaerp • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-53636 1Academiaerp 1Student Information System Jan 29, 2026 Apr 26, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System (SIS) EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter.
CVE-2025-25949 1Academiaerp 1Student Information System Jan 29, 2026 Mar 3, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted...Show more A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update.Show less
CVE-2025-25948 1Academiaerp 1Student Information System Jan 29, 2026 Mar 3, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administra...Show more Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.Show less