{"package":"yungifez/skuul","ecosystem":"composer","latest_version":"V2.6.4","description":"A multi school management system.","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"","repository":"https://github.com/yungifez/skuul","downloads_weekly":0,"health":{"score":50,"risk":"high","breakdown":{"maintenance":10,"popularity":0,"security":25,"maturity":15,"community":0},"deprecated":false,"max_score":100},"vulnerabilities":{"count":3,"critical":0,"high":0,"medium":0,"low":3,"details":[{"vuln_id":"CVE-2025-13784","severity":"low","summary":"yungifez Skuul School Management System vulnerable to XSS via SVG","affected_versions":"<=2.6.5|=V1.0.3|=V2.6.4|=v0.0.1|=v0.1.0|=v0.2.0|=v1.0.0|=v1.0.1|=v1.0.10|=v1.0.11|=v1.0.12|=v1.0.13|=v1.0.2|=v1.0.4|=v1.0.5|=v1.0.6|=v1.0.7|=v1.0.8|=v1.0.9|=v1.1.0|=v1.1.1|=v1.1.2|=v1.1.3|=v1.1.4|=v1.1.5|=v1.1.6|=v1.1.7|=v1.2.0|=v1.2.1|=v1.2.2|=v1.2.3|=v1.2.4|=v1.2.5|=v1.2.6|=v1.3.0|=v1.3.1|=v1.3.2|=v1.4.0|=v1.5.0|=v1.5.1|=v1.6.0|=v1.6.1|=v1.6.2|=v1.6.3|=v1.6.4|=v2.0.0|=v2.0.1|=v2.0.2|=v2.1.0|=v2.1.1|=v2.1.2|=v2.1.3|=v2.2.0|=v2.3.0|=v2.3.1|=v2.3.2|=v2.3.3|=v2.4.0|=v2.4.1|=v2.4.2|=v2.4.3|=v2.4.4|=v2.4.5|=v2.4.6|=v2.5.0|=v2.5.1|=v2.5.10|=v2.5.11|=v2.5.12|=v2.5.13|=v2.5.14|=v2.5.15|=v2.5.16|=v2.5.17|=v2.5.2|=v2.5.3|=v2.5.4|=v2.5.5|=v2.5.6|=v2.5.7|=v2.5.8|=v2.5.9|=v2.6.0|=v2.6.1|=v2.6.2|=v2.6.3","fixed_version":null,"source":"osv","published_at":"2025-11-30T09:30:18Z","in_kev":false,"epss_prob":0.00023,"epss_percentile":0.06454,"threat_tier":"theoretical"},{"vuln_id":"CVE-2025-12918","severity":"low","summary":"Skuul School Management System has an Insecure Direct Object Reference (IDOR) Vulnerability in View Fee Invoice","affected_versions":"<=2.6.4|=V1.0.3|=V2.6.4|=v0.0.1|=v0.1.0|=v0.2.0|=v1.0.0|=v1.0.1|=v1.0.10|=v1.0.11|=v1.0.12|=v1.0.13|=v1.0.2|=v1.0.4|=v1.0.5|=v1.0.6|=v1.0.7|=v1.0.8|=v1.0.9|=v1.1.0|=v1.1.1|=v1.1.2|=v1.1.3|=v1.1.4|=v1.1.5|=v1.1.6|=v1.1.7|=v1.2.0|=v1.2.1|=v1.2.2|=v1.2.3|=v1.2.4|=v1.2.5|=v1.2.6|=v1.3.0|=v1.3.1|=v1.3.2|=v1.4.0|=v1.5.0|=v1.5.1|=v1.6.0|=v1.6.1|=v1.6.2|=v1.6.3|=v1.6.4|=v2.0.0|=v2.0.1|=v2.0.2|=v2.1.0|=v2.1.1|=v2.1.2|=v2.1.3|=v2.2.0|=v2.3.0|=v2.3.1|=v2.3.2|=v2.3.3|=v2.4.0|=v2.4.1|=v2.4.2|=v2.4.3|=v2.4.4|=v2.4.5|=v2.4.6|=v2.5.0|=v2.5.1|=v2.5.10|=v2.5.11|=v2.5.12|=v2.5.13|=v2.5.14|=v2.5.15|=v2.5.16|=v2.5.17|=v2.5.2|=v2.5.3|=v2.5.4|=v2.5.5|=v2.5.6|=v2.5.7|=v2.5.8|=v2.5.9|=v2.6.0|=v2.6.1|=v2.6.2|=v2.6.3","fixed_version":null,"source":"osv","published_at":"2025-11-09T09:30:15Z","in_kev":false,"epss_prob":0.00036,"epss_percentile":0.1044,"threat_tier":"theoretical"},{"vuln_id":"CVE-2025-13785","severity":"low","summary":"Skuul School Management System has a Sensitive Data Exposure Vulnerability in Uploaded Images","affected_versions":"<=2.6.4|=V1.0.3|=V2.6.4|=v0.0.1|=v0.1.0|=v0.2.0|=v1.0.0|=v1.0.1|=v1.0.10|=v1.0.11|=v1.0.12|=v1.0.13|=v1.0.2|=v1.0.4|=v1.0.5|=v1.0.6|=v1.0.7|=v1.0.8|=v1.0.9|=v1.1.0|=v1.1.1|=v1.1.2|=v1.1.3|=v1.1.4|=v1.1.5|=v1.1.6|=v1.1.7|=v1.2.0|=v1.2.1|=v1.2.2|=v1.2.3|=v1.2.4|=v1.2.5|=v1.2.6|=v1.3.0|=v1.3.1|=v1.3.2|=v1.4.0|=v1.5.0|=v1.5.1|=v1.6.0|=v1.6.1|=v1.6.2|=v1.6.3|=v1.6.4|=v2.0.0|=v2.0.1|=v2.0.2|=v2.1.0|=v2.1.1|=v2.1.2|=v2.1.3|=v2.2.0|=v2.3.0|=v2.3.1|=v2.3.2|=v2.3.3|=v2.4.0|=v2.4.1|=v2.4.2|=v2.4.3|=v2.4.4|=v2.4.5|=v2.4.6|=v2.5.0|=v2.5.1|=v2.5.10|=v2.5.11|=v2.5.12|=v2.5.13|=v2.5.14|=v2.5.15|=v2.5.16|=v2.5.17|=v2.5.2|=v2.5.3|=v2.5.4|=v2.5.5|=v2.5.6|=v2.5.7|=v2.5.8|=v2.5.9|=v2.6.0|=v2.6.1|=v2.6.2|=v2.6.3","fixed_version":null,"source":"osv","published_at":"2025-11-30T09:30:18Z","in_kev":false,"epss_prob":0.00023,"epss_percentile":0.06487,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"V2.6.4","total_count":85,"recent":["V2.6.4","v2.6.3","v2.6.2","v2.6.1","v2.6.0","v2.5.17","v2.5.16","v2.5.15","v2.5.14","v2.5.13","v2.5.12","v2.5.11","v2.5.10","v2.5.9","v2.5.8","v2.5.7","v2.5.6","v2.5.5","v2.5.4","v2.5.3"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2025-07-30T23:13:54+00:00","dependencies_count":15,"dependencies":["php","barryvdh/laravel-dompdf","brick/money","doctrine/dbal","guzzlehttp/guzzle","laravel/framework","laravel/jetstream","laravel/prompts","laravel/sanctum","laravel/tinker","livewire/livewire","nnjeim/world","opcodesio/log-viewer","spatie/laravel-model-status","spatie/laravel-permission"]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"use_with_caution","issues":["Moderate health score (50/100) — verify manually"],"use_version":"V2.6.4","version_hint":null,"summary":"yungifez/skuul@V2.6.4 low health (50/100) — consider alternatives"},"version_scoped":null,"_meta":{"endpoint":"check","tier":"full","philosophy":"DepScope is free. Use the cheapest endpoint that answers your real question.","cheaper_alternatives":[{"endpoint":"/api/exists/composer/yungifez%2Fskuul","tokens_estimated":12,"use_when":"you only need to know if the package exists (hallucination guard)"},{"endpoint":"/api/health/composer/yungifez%2Fskuul","tokens_estimated":80,"use_when":"you only need a 0-100 score for go/no-go (>=70 = safe)"},{"endpoint":"/api/prompt/composer/yungifez%2Fskuul","tokens_estimated":280,"use_when":"you want a plain-text LLM-friendly brief instead of JSON"},{"endpoint":"POST /api/check_bulk","tokens_estimated":60,"use_when":"you have 5+ packages to check; sends one round-trip instead of N"}],"docs":"https://depscope.dev/integrate"},"requested_version":null,"_cache":"miss","_response_ms":409,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":278,"avg_days_between_releases":null,"release_velocity":"moderate"}}