CVE-2024-7167 | SourceCodester School Fees Payment System 1.0 /manage_course.php id sql injection

Posted by Angelo Barbosa | Jul 27, 2024 | CVE

A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /manage_course.php. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-7167. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-7167 | SourceCodester School Fees Payment System 1.0 /manage_course.php id sql injection

Related Posts

CVE-2024-4651 | Campcodes Complete Web-Based School Management System 1.0 student_attendance_history1.php year cross site scripting

CVE-2023-6627 | WP Go Maps Plugin up to 9.0.27 on WordPress REST API cross site scripting

CVE-2024-6948 | Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120 Slide Editor /slideeditor.php newSlideFile unrestricted upload

CVE-2024-23729 | ColorOS Internet Browser 45.10.3.4.1 on Android com.android.browser.RealBrowserActivity cross site scripting