Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-12-20T15:58:34.088Z
Updated: 2024-09-16T18:24:47.219Z
Reserved: 2023-09-15T21:43:30.060Z
Link: CVE-2023-5007
Vulnrichment
Updated: 2024-08-02T07:44:53.279Z
NVD
Status : Modified
Published: 2023-12-20T16:15:09.987
Modified: 2024-11-21T08:40:52.537
Link: CVE-2023-5007
Redhat
No data.