A vulnerability classified as critical was found in SourceCodester Simple Student Attendance System 1.0. This vulnerability affects unknown code of the file ajax-api.php?action=save_attendance. The manipulation of the argument class_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-247366 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/daydust/vuln/blob/main/Simple_Student_Attendance_System/ajax-api.php_SQL-injection.md | Third Party Advisory |
https://vuldb.com/?ctiid.247366 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.247366 | Permissions Required Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2023-12-10T23:00:05.543Z
Updated: 2023-12-10T23:00:05.543Z
Reserved: 2023-12-10T07:12:33.061Z
Link: CVE-2023-6658
JSON object: View
NVD Information
Status : Modified
Published: 2023-12-10T23:15:07.313
Modified: 2024-05-17T02:33:51.170
Link: CVE-2023-6658
JSON object: View
Redhat Information
No data.
CWE