Описание
SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php.
Ссылки
- ExploitThird Party Advisory
- Product
- Product
- ExploitThird Party Advisory
- Product
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:school_faculty_scheduling_system_project:school_faculty_scheduling_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.011
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
больше 2 лет назад
SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php.
EPSS
Процентиль: 78%
0.011
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89