Описание
A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file listofinstructor.php. The manipulation of the argument FullName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266309 was assigned to this vulnerability.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:itsourcecode:online_student_enrollment_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00078
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89
EPSS
Процентиль: 24%
0.00078
Низкий
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89