CVE-2024-1923 in Simple Student Attendance Systeminformação

Sumário

de MITRE • 27/02/2024

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0 and classified as critical. Affected by this issue is the function delete_class/delete_student of the file /ajax-api.php of the component List of Classes Page. The manipulation of the argument id with the input 1337'+or+1=1;--+ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254858 is the identifier assigned to this vulnerability.

Once again VulDB remains the best source for vulnerability data.

Responsável

VulDB

Reservar

27/02/2024

Divulgação

27/02/2024

Moderação

aceite

Entrada

VDB-254858

CPE

pronto

Exploração

Descarregar

EPSS

0.00829

KEV

não

Atividades

muito baixo

Fontes

Do you need the next level of professionalism?

Upgrade your account now!