Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Fluid Attacks

Published: 2023-12-20T15:58:34.088Z

Updated: 2024-09-16T18:24:47.219Z

Reserved: 2023-09-15T21:43:30.060Z

Link: CVE-2023-5007

cve-icon Vulnrichment

Updated: 2024-08-02T07:44:53.279Z

cve-icon NVD

Status : Modified

Published: 2023-12-20T16:15:09.987

Modified: 2024-11-21T08:40:52.537

Link: CVE-2023-5007

cve-icon Redhat

No data.