Отправить #844846: CodeAstro Student Attendance Management System v1 SQL InjectionИнформация

НазваниеCodeAstro Student Attendance Management System v1 SQL Injection
ОписаниеA SQL injection vulnerability exists in CodeAstro Student Attendance Management System v1.0 in the /attendance-php/Admin/createSessionTerm.php file. The application does not properly validate, sanitize, or parameterize the sessionName POST parameter before using it in SQL queries. An attacker can supply crafted input through the sessionName parameter and alter the intended SQL query logic. This may allow unauthorized database access, disclosure of sensitive data, data modification, or service disruption, depending on the privileges assigned to the database user.
Источник⚠️ https://github.com/freddymuch/Vul/issues/2
Пользователь
 freddymuch (UID 98644)
Представление01.06.2026 13:59 (1 месяц назад)
Модерация03.07.2026 18:45 (1 month later)
СтатусДубликат
Запись VulDB319151 [Student Attendance Management System 1.0 createSessionTerm.php sessionName SQL-инъекция]
Баллы0

Want to know what is going to be exploited?

We predict KEV entries!