Vulnerability CVE-2023-6657


Published: 2023-12-10   Modified: 2023-12-14

Description:
A vulnerability classified as critical has been found in SourceCodester Simple Student Attendance System 1.0. This affects an unknown part of the file /modals/student_form.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-247365 was assigned to this vulnerability.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

Affected software
Oretnom23 -> Simple student attendance system 

 References:
https://vuldb.com/?id.247365
https://vuldb.com/?ctiid.247365
https://github.com/daydust/vuln/blob/main/Simple_Student_Attendance_System/student_form.php_SQL_injection.md

Copyright 2024, cxsecurity.com

 

Back to Top