Описание
A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:campcodes:complete_web-based_school_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00051
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 5.3
github
больше 1 года назад
A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter.
EPSS
Процентиль: 16%
0.00051
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-89