CVE-2024-35349

2024-05-3017:15:33

[email protected]

web.nvd.nist.gov

diño physics school

sql injection

vulnerability

version 2.3

7.7 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/view_category.php. Manipulating the argument id can result in SQL injection.

References

vuln.pentester.stream/pentester-vulnerability-research/post/2298565/vuln4-blind-sql-injection-time-based