CVE-2024-27715
HIGHDescription
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote attacker to escalate privileges via a crafted request to the Password Change mechanism.
Is your site exposed to CVE-2024-27715?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| eskooly | eskooly |
References
Frequently Asked Questions
What is CVE-2024-27715? +
How severe is CVE-2024-27715? +
What products are affected by CVE-2024-27715? +
How do I check if I'm vulnerable to CVE-2024-27715? +
Related Vulnerabilities
Ibexa is a composable end-to-end DXP (Digital Experience Platform). Versions 5.0.0-beta1 through 5.0.3 do not have password validation. During the …
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker …
The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator …
Unverified password change vulnerability in Janto, versions prior to r12. This could allow an unauthenticated attacker to change another user's …
The Appy Pie Connect for WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the …
An authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access Points older than …