CVE-2024-6274 | lahirudanushka School Management System 1.0.0/1.0.1 Attendance Report Page /attendancelist.php aid sql injection

Inserito da Angelo Barbosa | Giu 23, 2024 | CVE

A vulnerability classified as critical has been found in lahirudanushka School Management System 1.0.0/1.0.1. This affects an unknown part of the file /attendancelist.php of the component Attendance Report Page. The manipulation of the argument aid leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-6274. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-6274 | lahirudanushka School Management System 1.0.0/1.0.1 Attendance Report Page /attendancelist.php aid sql injection

Post correlati

CVE-2023-47789 | WooCommerce Canada Post Shipping Method Plugin up to 2.8.3 on WordPress cross-site request forgery

CVE-2024-7854 | Woo Inquiry Plugin up to 0.1 on WordPress sql injection

CVE-2024-1174 | HP ThinPro up to 8.0 SP7 Privilege Escalation

CVE-2024-10697 | Tenda AC6 15.03.05.19 API Endpoint /goform/WriteFacMac formWriteFacMac The command injection