2 matches found
CVE-2024-1923 SourceCodester Simple Student Attendance System List of Classes Page ajax-api.php delete_student sql injection
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0 and classified as critical. Affected by this issue is the function deleteclass/deletestudent of the file /ajax-api.php of the component List of Classes Page. The manipulation of the argument id with the input...
CVE-2024-1923
SourceCodester Simple Student Attendance System 1.0 is affected by a SQL injection in the List of Classes Page, in the AJAX endpoint /ajax-api.php (delete_class/delete_student) via the id parameter with payload like 1337'+or+1=1;--+. This remote, unauthenticated vulnerability is triggered by user...