CVE-2023-48722 | Project Worlds Student Result Management System 1.0 add_results.php class_name sql injection

Inserito da Angelo Barbosa | Dic 22, 2023 | CVE

A vulnerability, which was classified as critical, was found in Project Worlds Student Result Management System 1.0. Affected is an unknown function of the file add_results.php. The manipulation of the argument class_name leads to sql injection.

This vulnerability is traded as CVE-2023-48722. It is possible to launch the attack remotely. There is no exploit available.

CVE-2023-48722 | Project Worlds Student Result Management System 1.0 add_results.php class_name sql injection

Post correlati

CVE-2023-6398 | Zyxel ATP os command injection

CVE-2024-7684 | SourceCodester Kortex Lite Advocate Office Management System 1.0 add_act.php aname cross site scripting

CVE-2024-3670 | harmr Leaflet Maps Marker Plugin up to 3.12.8 on WordPress Shortcode mapsmarker cross site scripting (ID 3069915)

VDB-263599 | Campcodes Complete Web-Based School Management System 1.0 /view/find_friends.php my_type cross site scripting