Filtered by vendor Academiaerp
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-53636 | 1 Academiaerp | 1 Student Information System | 2026-01-29 | N/A | 6.4 MEDIUM |
| An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System (SIS) EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter. | |||||
| CVE-2025-25948 | 1 Academiaerp | 1 Student Information System | 2026-01-29 | N/A | 9.1 CRITICAL |
| Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account. | |||||
| CVE-2025-25949 | 1 Academiaerp | 1 Student Information System | 2026-01-29 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update. | |||||