CVE-2023-5928

Опубликовано: 02 нояб. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 7.5

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability was found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/departments/manage_department.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244328.

Ссылки

https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%206.pdf
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.244328
Permissions Required
Third Party Advisory
https://vuldb.com/?id.244328
Third Party Advisory
https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%206.pdf
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.244328
Permissions Required
Third Party Advisory
https://vuldb.com/?id.244328
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_student_information_system_project:simple_student_information_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-j2g5-rghp-x9px

CVSS3: 5.5

github

больше 2 лет назад

EPSS

Процентиль: 14%

0.00046

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89