SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'studid' in '/candidate/controller.php' parameter.
History

Thu, 08 Aug 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Janobe school Attendance Monitoring System
CPEs cpe:2.3:a:janobe:school_attendance_monitoring_system:1.0:*:*:*:*:*:*:*
Vendors & Products Janobe school Attendance Monitoring System
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 08 Aug 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Janobe
Janobe credit Card
Janobe debit Card Payment
Janobe paypal
Janobe school Attendence Monitoring System
Janobe school Event Management System
CPEs cpe:2.3:a:janobe:credit_card:1.0:*:*:*:*:*:*:*
cpe:2.3:a:janobe:debit_card_payment:1.0:*:*:*:*:*:*:*
cpe:2.3:a:janobe:paypal:1.0:*:*:*:*:*:*:*
cpe:2.3:a:janobe:school_attendence_monitoring_system:1.0:*:*:*:*:*:*:*
cpe:2.3:a:janobe:school_event_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Janobe
Janobe credit Card
Janobe debit Card Payment
Janobe paypal
Janobe school Attendence Monitoring System
Janobe school Event Management System

cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2024-08-06T11:55:29.937Z

Updated: 2024-08-08T15:53:35.811Z

Reserved: 2024-04-29T12:38:37.773Z

Link: CVE-2024-33970

cve-icon Vulnrichment

Updated: 2024-08-08T15:53:29.357Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-06T12:15:51.330

Modified: 2024-08-08T15:26:48.940

Link: CVE-2024-33970

cve-icon Redhat

No data.