A vulnerability has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
History

Mon, 01 Sep 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Sourcecodester
Sourcecodester school Log Management System
CPEs cpe:2.3:a:sourcecodester:school_log_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Sourcecodester
Sourcecodester school Log Management System
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 01 Sep 2025 10:15:00 +0000

Type Values Removed Values Added
Description A vulnerability classified as critical has been found in SourceCodester School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-272790 is the identifier assigned to this vulnerability. A vulnerability has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Title SourceCodester School Log Management System sql injection SourceCodester/Campcodes School Log Management System ajax.php sql injection
Weaknesses CWE-74
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}

cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


Fri, 23 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Oretnom23
Oretnom23 school Log Management System
CPEs cpe:2.3:a:oretnom23:school_log_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Oretnom23
Oretnom23 school Log Management System

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-09-01T09:59:21.550Z

Reserved: 2024-07-29T18:21:41.704Z

Link: CVE-2024-7219

cve-icon Vulnrichment

Updated: 2024-08-01T21:52:31.484Z

cve-icon NVD

Status : Modified

Published: 2024-07-30T06:15:04.143

Modified: 2025-09-01T10:15:32.727

Link: CVE-2024-7219

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.