Student Information System CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Academiaerp Subscriptions

Filtered by product Student Information System Subscriptions

Search

Switch to Advanced Search (Beta)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-25948	1 Academiaerp	1 Student Information System	2026-01-29	9.1 Critical
Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.
CVE-2025-25949	1 Academiaerp	1 Student Information System	2026-01-29	5.4 Medium
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update.

Page 1 of 1.