CVE-2023-41615

9.8CRITICAL

Key Information:

Vendor
PHPgurukul
Status
Zoo Management System
Vendor
CVE Published:
8 September 2023

Summary

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields.

References

https://portswigger.net/web-security/sql-injection
https://phpgurukul.com/student-management-system-using-ph...
https://medium.com/%40guravtushar231/sql-injection-in-log...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.