SQL Injection Vulnerability in Simple School Managment System
CVE-2024-25310
8.8HIGH
What is CVE-2024-25310?
The SQL Injection vulnerability in the Code-projects Simple School Management System 1.0 exists due to insufficient validation of user input in the 'id' parameter. This flaw is located in the delete.php file, where improper sanitization of the input allows attackers to craft malicious SQL queries. Exploiting this vulnerability could enable unauthorized access to the database, allowing attackers to view, modify, or delete sensitive information. Organizations using this software must implement countermeasures to safeguard against potential threats.