Khukuri Rimal

5 exploits Active since Jan 2025
CVE-2025-0559 WRITEUP LOW WRITEUP
Campcodes School Management Software 1.0 - XSS
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 2.4
CVE-2025-0560 WRITEUP LOW WRITEUP
CampCodes School Management Software 1.0 - XSS
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 2.4
CVE-2025-0581 WRITEUP LOW WRITEUP
CampCodes School Management Software 1.0 - XSS
A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2025-0625 WRITEUP LOW WRITEUP
CampCodes School Management Software 1.0 - Info Disclosure
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part of the component Attachment Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVSS 3.1
CVE-2025-0849 WRITEUP MEDIUM WRITEUP
CampCodes School Management Software 1.0 - Unauthenticated Privilege Escalation via Staff Handler
A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3