cpe:/a:schoolmation:schoolmation:2.3 CVE-2010-5011 2011-11-02T17:55:01.667-04:00 2017-08-28T21:29:10.567-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-11-03T11:13:00.000-04:00 EXPLOIT-DB 13812 BID 40737 SREASON 8508 MISC http://packetstormsecurity.org/1006-exploits/schoolmation-sqlxss.txt XF schoolmation-studentmain-sql-injection(59347) SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter.