CVE-2023-41522

Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CISA-ADPADP
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
VendorProductVersion
student_attendance_management_system_projectstudent_attendance_management_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/celbahraoui/f13884670ac6668ae05b60fd37bb3521
https://github.com/rickxy/Student-Attendance-Management-System