Lucene search

CVE-2024-5115

🗓️ 20 May 2024 04:08:15Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 46 Views🌐 WEB

Critical SQL Injection in Campcodes School Management System 1.0

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 3
NVD	CVE-2024-5115	20 May 202404:15	–	nvd
Cvelist	CVE-2024-5115 Campcodes Complete Web-Based School Management System teacher_profile.php sql injection	20 May 202403:31	–	cvelist
Vulnrichment	CVE-2024-5115 Campcodes Complete Web-Based School Management System teacher_profile.php sql injection	20 May 202403:31	–	vulnrichment

Nvd

Vulners

Node

campcodes complete_web-based_school_management_systemMatch1.0

[
  {
    "vendor": "Campcodes",
    "product": "Complete Web-Based School Management System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2020.pdf
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
index	query param	/view/teacher_profile.php	SQL injection vulnerability due to improper handling of the 'index' parameter in the teacher profile view.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 May 2024 04:15Current

7.4High risk

Vulners AI Score7.4

CVSS26.5

CVSS36.3 - 6.5

CVSS45.3

EPSS0.00024

SSVC

CWE-89