A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument f leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244325 was assigned to this vulnerability.
References
| Link | Resource |
|---|---|
| https://vuldb.com/?ctiid.244325 | Permissions Required Third Party Advisory |
| https://vuldb.com/?id.244325 | Third Party Advisory |
| https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%203.pdf | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Nov 2023, 20:56
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://vuldb.com/?id.244325 - Third Party Advisory | |
| References | (MISC) https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%203.pdf - Exploit, Third Party Advisory | |
| References | (MISC) https://vuldb.com/?ctiid.244325 - Permissions Required, Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CPE | cpe:2.3:a:simple_student_information_system_project:simple_student_information_system:1.0:*:*:*:*:*:*:* | |
| First Time |
Simple Student Information System Project simple Student Information System
Simple Student Information System Project |
02 Nov 2023, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-11-02 20:15
Updated : 2024-05-17 02:33
NVD link : CVE-2023-5925
Mitre link : CVE-2023-5925
JSON object : View
Products Affected
simple_student_information_system_project
- simple_student_information_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')