漏洞描述
Code-projects Simple School Managment System 是一个基于 PHP 的学校管理系统,用于管理学校的日常事务。该系统的 '/teacher_login.php' 页面中的 'pass' 参数和 'name' 参数存在身份验证绕过漏洞,攻击者可以利用该漏洞绕过身份验证,并访问未经授权的功能。
Simple School Managment System /teacher_login.php 权限绕过漏洞 (CVE-2024-25313)
PoC代码
暂无相关漏洞推荐
- Code-Projects Refugee Food Management System SQL注入漏洞
- CampCodes Supplier Management System SQL注入漏洞
- Code-Projects College Notes Uploading System SQL注入漏洞
- itsourcecode Online Frozen Foods Ordering System SQL注入漏洞
- (CVE-2025-15011)Simple Stock System 1.0 logout.php SQL注入漏洞
- Carmelo Simple_stock_system注入漏洞(CVE-2025-14834)
- POC CVE-2021-4462: Employee Records System 1.0 - Unauthenticated File Upload RCE
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- 中成科信票务管理系统 /SystemManager/Api/TicketManager.ashx SQL 注入漏洞
- 泛微e-office /E-mobile/App/System/UserSelect/dept.php 未授权访问漏洞
- School Fees Payment System /student.php SQL 注入漏洞(CVE-2025-6403)
- (CVE-2021-4462)Employee Records System 1.0任意文件上传漏洞
- POC CVE-2025-6403: Code-Projects School Fees Payment System 1.0 - SQL Injection