A SQL Injection was found in /student_signup.php in...
Critical severity
Unreviewed
Published
Dec 9, 2024
to the GitHub Advisory Database
•
Updated Dec 11, 2024
Description
Published by the National Vulnerability Database
Dec 9, 2024
Published to the GitHub Advisory Database
Dec 9, 2024
Last updated
Dec 11, 2024
A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username, firstname, lastname, and class_id parameters.
References