CVE-2023-5926

Опубликовано: 02 нояб. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 7.5

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/update_status.php. The manipulation of the argument student_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-244326 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%204.pdf
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.244326
Permissions Required
Third Party Advisory
https://vuldb.com/?id.244326
Third Party Advisory
https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%204.pdf
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.244326
Permissions Required
Third Party Advisory
https://vuldb.com/?id.244326
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_student_information_system_project:simple_student_information_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-q74j-f47m-qmrm

CVSS3: 5.5

github

больше 2 лет назад

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89