Описание
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands.
Ссылки
- Third Party Advisory
- Not Applicable
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:vishalmathur:cloudclassroom-php_project:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
7.3 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.3
github
8 месяцев назад
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands.
EPSS
Процентиль: 9%
0.00032
Низкий
7.3 High
CVSS3
Дефекты
CWE-89