CVE-2024-35359 | Diño Physics School Assistant 2.3 Master.php id sql injection

Inserito da Angelo Barbosa | Mag 30, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Diño Physics School Assistant 2.3. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=view_item. The manipulation of the argument id leads to sql injection.

This vulnerability is handled as CVE-2024-35359. The attack may be launched remotely. There is no exploit available.

CVE-2024-35359 | Diño Physics School Assistant 2.3 Master.php id sql injection

Post correlati

TP-Link TL-WR841N ated_tp command injection (ZDI-23-1624)

CVE-2024-44778 | vTiger CRM 7.4.0 parent cross site scripting

CVE-2023-35136 | Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN Configuration File information disclosure

CVE-2023-51972 | Tenda AX1803 1.0.0.1 fromAdvSetLanIp command injection