A vulnerability was found in Diño Physics School Assistant 2.3. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=view_category. The manipulation of the argument id leads to sql injection.
This vulnerability is traded as CVE-2024-35358. It is possible to launch the attack remotely. There is no exploit available.