CVE-2023-6658 | SourceCodester Simple Student Attendance System 1.0 ajax-api.php class_id sql injection

Inserito da Angelo Barbosa | Dic 10, 2023 | CVE

A vulnerability classified as critical was found in SourceCodester Simple Student Attendance System 1.0. This vulnerability affects unknown code of the file ajax-api.php?action=save_attendance. The manipulation of the argument class_id leads to sql injection.

This vulnerability was named CVE-2023-6658. The attack needs to be approached within the local network. Furthermore, there is an exploit available.

CVE-2023-6658 | SourceCodester Simple Student Attendance System 1.0 ajax-api.php class_id sql injection

Post correlati

CVE-2024-25128 | dpgaspar Flask-AppBuilder up to 4.3.10 OpenID Service improper authentication

CVE-2024-6027 | Themify Plugin up to 1.4.9 on WordPress conditions sql injection

CVE-2024-20309 | Cisco IOS XE up to 17.6.6 AUX unknown vulnerability (cisco-sa-aux-333WBz8f)

CVE-2024-29686 | Winter CMS 1.2.3 CMS Pages Field/Plugin injection (Exploit 51893)