2 matches found
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter...
CVE-2024-34936
Campcodes Complete Web-Based School Management System 1.0 has a SQL injection in /view/event1.php triggered by the month parameter. The vulnerability allows execution of arbitrary SQL commands, with CVSS v3.1 base metrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L (8.6, HIGH). Root cause: unsanitized/u...