Eskooly

eskooly

6 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-27717 1Eskooly 1Eskooly Apr 28, 2025 Jul 5, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component.
CVE-2024-27715 1Eskooly 1Eskooly Apr 16, 2025 Jul 5, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism.
CVE-2024-27713 1Eskooly 1Eskooly Apr 16, 2025 Jul 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the HTTP Response Header Settings component.
CVE-2024-27712 1Eskooly 1Eskooly Mar 13, 2025 Jul 5, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the User Account Mangemnt component in the authentication mechanism.
CVE-2024-27711 1Eskooly 1Eskooly Nov 21, 2024 Jul 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the Sin-up process function in the account settings.
CVE-2024-27710 1Eskooly 1Eskooly Apr 16, 2025 Jul 5, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via the authentication mechanism.