A SQL Injection was found in /admin/delete_event.php in...
Critical severity
Unreviewed
Published
Dec 9, 2024
to the GitHub Advisory Database
•
Updated Dec 11, 2024
Description
Published by the National Vulnerability Database
Dec 9, 2024
Published to the GitHub Advisory Database
Dec 9, 2024
Last updated
Dec 11, 2024
A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter.
References