Vulnerability CVE-2023-6617


Published: 2023-12-08   Modified: 2023-12-14

Description:
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been classified as critical. Affected is an unknown function of the file attendance.php. The manipulation of the argument class_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-247254 is the identifier assigned to this vulnerability.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

Affected software
Oretnom23 -> Simple student attendance system 

 References:
https://vuldb.com/?id.247254
https://vuldb.com/?ctiid.247254
https://www.yuque.com/u39339523/el4dxs/gcsvdc5oohx6v38c

Copyright 2024, cxsecurity.com

 

Back to Top