Impact
The vulnerability is a classic SQL injection flaw in the cp_id parameter of the learningpath layout of King LMS King Professional 3.2.4.0. Attackers who can send HTTP GET requests can inject SQL code that is executed directly against the underlying database. The result is the ability to read arbitrary tables, including those containing user credentials or other sensitive data. The flaw is unauthenticated, meaning it does not require an established session or privileged user account to be exploited. The weakness corresponds to CWE‑89.
Affected Systems
King LMS King Professional version 3.2.4.0. The software is distributed by King-products under the title LMS King Professional, and the vulnerability exists only in that version. No other versions were enumerated, so only installations running 3.2.4.0 are impacted.
Risk and Exploitability
The CVSS score of 8.8 places the flaw in the high severity range, and the lack of an authentication requirement means the attack can be carried out over the Internet by any user with network access to the web forum. The EPSS score is not available, but the public exploitation references—including an Exploit‑DB entry—indicate that attackers have already demonstrated practical exploits. Because the vulnerability is in a database‑access layer, the primary risk is confidentiality breach, with potential lateral movement if the extracted data includes system credentials. The vulnerability is not listed in the CISA KEV catalog, so it may not yet be widely known within supply‑chain risk frameworks.
OpenCVE Enrichment