3 matches found
CVE-2023-39850
CVE-2023-39850 : Schoolmate v1.3 contains multiple SQL injection vulnerabilities in DeleteFunctions.php, exploitable via the parameters $courseid and $teacherid. The NVD entry rates the impact as CRITICAL (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating potential high confidentiality, ...
CVE-2023-40944
CVE-2023-40944 affects Schoolmate 1.3 with a SQL Injection in the variable $schoolname used in the database query in header.php. The vulnerability is characterized as CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (CRITICAL). Connected sources corroborate the issue across multiple...
CVE-2023-40946
CVE-2023-40946 affects Schoolmate 1.3 with a SQL Injection in the SESSION variable $username used in ValidateLogin.php. The NVD entry lists CVSS v3.1: 9.8 (CRITICAL) with network attack vector, no user interaction, and no privileges required; impact to confidentiality, integrity, and availability...