CVE-2024-35358 | Diño Physics School Assistant 2.3 Master.php id sql injection

Posted by Angelo Barbosa | May 30, 2024 | CVE

A vulnerability was found in Diño Physics School Assistant 2.3. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=view_category. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-35358. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-35358 | Diño Physics School Assistant 2.3 Master.php id sql injection

Related Posts

CVE-2023-51479 | Abdul Hakeem Build App Online Plugin up to 1.0.19 on WordPress privileges management

CVE-2024-25956 | Dell Grab up to 5.0.4 on Windows permission assignment (dsa-2024-121)

CVE-2024-4042 | Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel Plugin Block Attribute cross site scripting

CVE-2023-48324 | Awesome Support Plugin up to 6.1.4 on WordPress wpas_edit_reply_ajax authorization