CVE-2024-35355 | Diño Physics School Assistant 2.3 Master.php id sql injection

Posted by Angelo Barbosa | May 30, 2024 | CVE

A vulnerability classified as critical was found in Diño Physics School Assistant 2.3. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-35355. The attack can be launched remotely. There is no exploit available.

CVE-2024-35355 | Diño Physics School Assistant 2.3 Master.php id sql injection

Related Posts

CVE-2023-49722 | Bosch BCC101/BCC102/BCC50 prior 4.13.33 WiFi Firmware excessive attack surface

CVE-2024-39143 | ResidenceCMS 2.10.1 cross site scripting

CVE-2023-7110 | code-projects Library Management System 2.0 login.php student sql injection

CVE-2024-34329 | Entrust Datacard XPS Card Printer Driver up to 8.4 DLL Local Privilege Escalation