Lucene search
HistoryNov 14, 2023 - 10:15 p.m.
CVE-2023-46024
sql injection
phpgurukul
teacher subject allocation management system 1.0
searchdata parameter
sensitive information
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
47.2%
SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the ‘searchdata’ parameter.
Affected configurations
Node
phpgurukulteacher_subject_allocation_management_systemMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpgurukul | teacher_subject_allocation_management_system | 1.0 | cpe:2.3:a:phpgurukul:teacher_subject_allocation_management_system:1.0:*:*:*:*:*:*:* |
Related
packetstorm
packetstorm
Teacher Subject Allocation Management System 1.0 SQL Injection
2024-03-20 00:00:00
cvelist
cvelist
CVE-2023-46024
2023-11-14 00:00:00
exploitdb
exploitdb
zdt
zdt
cve
cve
CVE-2023-46024
2023-11-14 22:15:30
prion
prion
Sql injection
2023-11-14 22:15:00
vulnrichment
vulnrichment
CVE-2023-46024
2023-11-14 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
47.2%
Related for NVD:CVE-2023-46024