CVE-2023-41520

Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CISA-ADPADP
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
VendorProductVersion
student_attendance_management_system_projectstudent_attendance_management_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/celbahraoui/39c19c0b7f9f92a1a7e06d1c928bb1c3
https://github.com/rickxy/Student-Attendance-Management-System