CVE-2023-5637 is a high-severity file-upload flaw in Arslansoft Education Portal affecting versions before v1.1. According to the NVD record, the issue is network-exploitable without authentication and can disclose sensitive information, with no impact listed for integrity or availability.
CVE-2023-5636 is a critical vulnerability in ArslanSoft Education Portal before v1.1 involving unrestricted upload of a dangerous file type. The published CVSS vector indicates remote, unauthenticated exploitation with low attack complexity and high impact to confidentiality, integrity, and availability. The official record and linked USOM advisory describe the issue as capable of leading to command injec [truncated]
CVE-2023-5635 is a high-severity information disclosure issue in ArslanSoft Education Portal before v1.1. The public records describe improper protection for outbound error messages and alert signals, creating a path for account footprinting. NVD rates the issue CVSS 3.1 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), so the main concern is remote, unauthenticated exposure of sensitive account-related informat [truncated]