A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/course_action.php. The manipulation of the argument course_code leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Metrics
Affected Vendors & Products
References
History
Mon, 23 Dec 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/course_action.php. The manipulation of the argument course_code leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |
Title | 1000 Projects Attendance Tracking Management System course_action.php sql injection | |
Weaknesses | CWE-74 CWE-89 |
|
References |
| |
Metrics |
cvssV2_0
|
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-12-23T00:31:04.662Z
Updated: 2024-12-23T00:31:04.662Z
Reserved: 2024-12-22T16:30:19.614Z
Link: CVE-2024-12899
Vulnrichment
No data.
NVD
Status : Received
Published: 2024-12-23T01:15:07.020
Modified: 2024-12-23T01:15:07.020
Link: CVE-2024-12899
Redhat
No data.