CVE Details
Basic Information
| Title | code-projects School Fees Payment System branch.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-10T20:31:09.803Z |
| Last Seen |
Product Information
| Vendor | code-projects |
|---|---|
| Product | School Fees Payment System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical SQL injection vulnerability exists in the School Fees Payment System version 1.0, allowing remote attackers to inject malicious SQL code via the ID argument in branch.php. This could lead to unauthorized data access and manipulation. |
|---|---|
| AI Severity | Medium |
| Vendor | code-projects |
| Product | School Fees Payment System |
| Affected Version | 1.0 |
Affected Products
- code-projects School Fees Payment System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability classified as critical has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.