A vulnerability was found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/departments/manage_department.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244328.
References
| Link | Resource |
|---|---|
| https://vuldb.com/?id.244328 | Third Party Advisory |
| https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%206.pdf | Exploit Third Party Advisory |
| https://vuldb.com/?ctiid.244328 | Permissions Required Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Nov 2023, 20:32
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%206.pdf - Exploit, Third Party Advisory | |
| References | (MISC) https://vuldb.com/?ctiid.244328 - Permissions Required, Third Party Advisory | |
| References | (MISC) https://vuldb.com/?id.244328 - Third Party Advisory | |
| First Time |
Simple Student Information System Project simple Student Information System
Simple Student Information System Project |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CPE | cpe:2.3:a:simple_student_information_system_project:simple_student_information_system:1.0:*:*:*:*:*:*:* |
02 Nov 2023, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-11-02 20:15
Updated : 2024-05-17 02:33
NVD link : CVE-2023-5928
Mitre link : CVE-2023-5928
JSON object : View
Products Affected
simple_student_information_system_project
- simple_student_information_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')