6 matches found
CVE-2023-27259
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction of sensitive student and teacher data by unauthenticated attackers...
CVE-2023-27262
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...
CVE-2023-27260
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...
IDAttend IDWeb SQL Injection Vulnerability
IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions, which stems from an unauthenticated SQL injection in the GetAssignmentsDue method...
IDAttend IDWeb SQL Injection Vulnerability
IDAttend IDWeb is a web-based module from IDAttend, Inc. A security vulnerability exists in IDAttend IDWeb version 3.1.052 and prior versions, which stems from an unauthenticated SQL injection in the GetAssignmentsDue method...
PT-2023-21041 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue concerns an unauthenticated SQL injection in the GetAssignmentsDue method. This allows unauthenticated attackers to extract or modify all data. Recommendations: For version...