Lucene search

[email protected]NVD:CVE-2024-42573

HistoryAug 20, 2024 - 1:15 p.m.

CVE-2024-42573

2024-08-2013:15:08

CWE-89

[email protected]

web.nvd.nist.gov

school management system

sql injection

vulnerability

dtmarks.php

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

43.9%

JSON

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.

Affected configurations

Nvd

Node

arajajyothibabuschool_management_systemRange<2020-06-20

VendorProductVersionCPE
arajajyothibabuschool_management_system*cpe:2.3:a:arajajyothibabu:school_management_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
arajajyothibabu	school_management_system	*	cpe:2.3:a:arajajyothibabu:school_management_system::::::::

References

gist.github.com/topsky979/d44aabca29c1a6a9845fde465b924e79

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

43.9%

JSON

Related for NVD:CVE-2024-42573

vulnrichment1 cvelist1 cve1