CVSS: 9.8EPSS: %CPEs: 1EXPL: 1CVE-2024-35359
https://notcve.org/view.php?id=CVE-2024-35359
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_item. Manipulating the argument id can result in SQL injection. Se ha descubierto una vulnerabilidad en la versión 2.3 de Diño Physics School Assistant. • https://vuln.pentester.stream/pentester-vulnerability-research/post/2298737/vuln15-blind-sql-injection-time-based • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: %CPEs: 1EXPL: 1CVE-2024-35349
https://notcve.org/view.php?id=CVE-2024-35349
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/view_category.php. Manipulating the argument id can result in SQL injection. Se ha descubierto una vulnerabilidad en la versión 2.3 de Diño Physics School Assistant. La vulnerabilidad afecta a un código no identificado dentro del archivo /admin/category/view_category.php. • https://vuln.pentester.stream/pentester-vulnerability-research/post/2298565/vuln4-blind-sql-injection-time-based • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •