CVE-2023-6617

critical

Description

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been classified as critical. Affected is an unknown function of the file attendance.php. The manipulation of the argument class_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-247254 is the identifier assigned to this vulnerability.

References

https://www.yuque.com/u39339523/el4dxs/gcsvdc5oohx6v38c

https://vuldb.com/?id.247254

https://vuldb.com/?ctiid.247254

Details

Source: Mitre, NVD

Published: 2023-12-08

Updated: 2024-05-17

Risk Information

CVSS v2

Base Score: 5.2

Vector: CVSS2#AV:A/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical