CVE-2024-5235 | Campcodes Complete Web-Based School Management System 1.0 teacher_salary_invoice.php teacher_id sql injection

Inserito da Angelo Barbosa | Mag 22, 2024 | CVE

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_salary_invoice.php. The manipulation of the argument teacher_id leads to sql injection.

This vulnerability is traded as CVE-2024-5235. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-5235 | Campcodes Complete Web-Based School Management System 1.0 teacher_salary_invoice.php teacher_id sql injection

Post correlati

CVE-2023-43317 | Coign CRM Portal 06.06 Storage Component userPermissionsList permission

CVE-2024-41143 | Sky SKYSEA Client View up to 19.210.04e origin validation

CVE-2024-38576 | Linux Kernel up to 6.1.92/6.6.32/6.8.11/6.9.2 rcu print_cpu_stall_info buffer overflow

CVE-2024-28250 | Cilium up to 1.14.7/1.15.1 WireGuard missing encryption (GHSA-v6q2-4qr3-5cw6)