4 matches found
CVE-2023-48718
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'classname' parameter of the addstudents.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-48718 Student Result Management System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'classname' parameter of the addstudents.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-48718
The CVE-2023-48718 entry affects Student Result Management System v1.0, with unauthenticated SQL Injection via the add_students.php resource where the class_name parameter is not validated before sending to the database. Root cause: unsanitized user input reaching SQL queries. Impact: high (per C...
CVE-2023-48718 Student Result Management System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'classname' parameter of the addstudents.php resource does not validate the characters received and they are sent unfiltered to the database...