3 matches found
CVE-2023-5007
The CVE-2023-5007 entries describe an authenticated SQL injection in Student Information System v1.0, specifically in marks.php where the id parameter is not validated and is sent to the database unfiltered. Concrete details across connected docs: vulnerable component is marks.php (id parameter);...
CVE-2023-5007 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-5007 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...