CVE-2024-33808 | campcodes Complete Web-Based School Management System 1.0 /model/get_timetable.php id sql injection

Inserito da Angelo Barbosa | Mag 28, 2024 | CVE

A vulnerability was found in campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /model/get_timetable.php. The manipulation of the argument id leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-33808. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-33808 | campcodes Complete Web-Based School Management System 1.0 /model/get_timetable.php id sql injection

Post correlati

CVE-2024-36963 | Linux Kernel up to 6.6.30/6.8.9 tracefs /sys/kernel/tracing current_tracer permission (5f91fc82794d/414fb0862814/baa23a8d4360)

CVE-2024-5444 | Bible Text Plugin up to 0.2 on WordPress cross site scripting

CVE-2024-38583 | Linux Kernel up to 6.9.2 nilfs2 sc_timer use after free

CVE-2023-7145 | gopeak MasterLab up to 3.3.10 HTTP POST Request app/ctrl/Framework.php sqlInject pwd sql injection