CVE-2023-5924

Опубликовано: 02 нояб. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 7.5

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability classified as critical was found in Campcodes Simple Student Information System 1.0. This vulnerability affects unknown code of the file /admin/courses/view_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244324.

Ссылки

https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%202.pdf
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.244324
Permissions Required
Third Party Advisory
https://vuldb.com/?id.244324
Third Party Advisory
https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%202.pdf
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.244324
Permissions Required
Third Party Advisory
https://vuldb.com/?id.244324
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_student_information_system_project:simple_student_information_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-43wm-954j-5r5w

CVSS3: 5.5

github

больше 2 лет назад

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89