CVE-2024-0497 | Campcodes Student Information System 1.0 Users.php username sql injection

Inserito da Angelo Barbosa | Gen 12, 2024 | CVE

A vulnerability was found in Campcodes Student Information System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Users.php?f=save. The manipulation of the argument username leads to sql injection.

This vulnerability is traded as CVE-2024-0497. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0497 | Campcodes Student Information System 1.0 Users.php username sql injection

Post correlati

CVE-2024-45401 | stripe-cli up to 1.21.2 Manifest path traversal (GHSA-fv4g-gwpj-74gr)

CVE-2023-49272 | Kashipara Group Hotel Management 1.0 reservation.php children cross site scripting

CVE-2024-35947 | Linux Kernel up to 6.8.9 dyndbg Privilege Escalation

CVE-2024-20080 | MediaTek MT8678 Gnss Service certificate validation (MSV-1424 / ALPS08720039)