1 results (0.003 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13025 – Codezips College Management System faculty.php sql injection
https://notcve.org/view.php?id=CVE-2024-13025
29 Dec 2024 — A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument book_name/book_author leads to sql injection. It is possible to launch the attack remotely. • https://github.com/shaturo1337/POCs/blob/main/SQL%20Injection%20in%20College%20Management%20System.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •