Описание
A vulnerability was found in SourceCodester School Intramurals Student Attendance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_sy.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266290 is the identifier assigned to this vulnerability.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:oretnom23:school_intramurals_-_student_attendance_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00099
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
EPSS
Процентиль: 28%
0.00099
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89