Lucene search
MitreCVE-2024-25304HistoryFeb 09, 2024 - 1:15 p.m.
CVE-2024-25304
2024-02-0913:15:41
CWE-89
mitre
web.nvd.nist.gov
53
cve-2024-25304
sql injection
code-projects
simple school management system 1.0
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.001
Percentile
19.3%
Code-projects Simple School Managment System 1.0 allows SQL Injection via the ‘apass’ parameter at “School/index.php.”
Affected configurations
Node
code-projectssimple_school_management_systemMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| code-projects | simple_school_management_system | 1.0 | cpe:2.3:a:code-projects:simple_school_management_system:1.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-25304
2024-02-09 00:00:00
prion
prion
Sql injection
2024-02-09 13:15:00
cnvd
cnvd
Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14038)
2024-02-28 00:00:00
nvd
nvd
CVE-2024-25304
2024-02-09 13:15:41
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.001
Percentile
19.3%
Related for CVE-2024-25304