A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
History

Mon, 04 Nov 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Codezips
Codezips free Exam Hall Seating Management System
CPEs cpe:2.3:a:codezips:free_exam_hall_seating_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Codezips
Codezips free Exam Hall Seating Management System
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 03 Nov 2024 14:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Title Codezips Free Exam Hall Seating Management System student.php sql injection
Weaknesses CWE-89
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-11-03T14:31:04.727Z

Updated: 2024-11-04T20:20:17.861Z

Reserved: 2024-11-02T18:13:16.787Z

Link: CVE-2024-10736

cve-icon Vulnrichment

Updated: 2024-11-04T20:20:11.416Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-03T15:15:03.113

Modified: 2024-11-05T18:03:25.563

Link: CVE-2024-10736

cve-icon Redhat

No data.