CVE-2024-33967 | Janobe School Attendance Monitoring System 1.0 attendance_print.php Attendance/YearLevel sql injection

Posted by Angelo Barbosa | Aug 6, 2024 | CVE

A vulnerability was found in Janobe School Attendance Monitoring System and School Event Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /AttendanceMonitoring/report/attendance_print.php. The manipulation of the argument Attendance/YearLevel leads to sql injection.

This vulnerability is handled as CVE-2024-33967. The attack may be launched remotely. There is no exploit available.

CVE-2024-33967 | Janobe School Attendance Monitoring System 1.0 attendance_print.php Attendance/YearLevel sql injection

Related Posts

CVE-2023-51535 | СleanTalk Anti-Spam Protection Spam protection, Anti-Spam, FireWall Plugin cross-site request forgery

CVE-2023-48806 | Totolink X6000R 9.4.0cu.852_B20230719 shttpd sub_4119A0 Privilege Escalation

CVE-2024-32831 | Lorna Timbah Accessibility Widget Plugin up to 2.2 on WordPress cross site scripting

CVE-2024-35124 | IBM OpenBMC up to FW1020.60/FW1030.50/FW1050.10 authentication bypass (XFDB-290674)