CVE Details
Basic Information
| Title | Kashipara College Management System view_each_faculty.php sql injection |
|---|---|
| Type | cve |
| Published | 2024-05-12T18:31:04.244Z |
| Modified | 2024-08-01T20:55:09.335Z |
Product Information
| Vendor | Kashipara |
|---|---|
| Product | College Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
AI Analysis
| AI Description | A SQL injection vulnerability in Kashipara College Management System allows remote attackers to extract or modify sensitive data by exploiting the view_each_faculty.php file. This is a critical issue as it can lead to unauthorized access to sensitive information. |
|---|---|
| AI Severity | High |
| AI Vendor | Kashipara |
| AI Product | College Management System |
| AI Version | 1.0 |
Affected Products
- Kashipara College Management System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, was found in Kashipara College Management System 1.0. This affects an unknown part of the file view_each_faculty.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263919.