SQL Injection Vulnerability in Classroom Update Function
CVE-2024-34927
9.8CRITICAL
What is CVE-2024-34927?
A vulnerability exists in the Campcodes Complete Web-Based School Management System version 1.0 that allows attackers to exploit the system through SQL injection. By manipulating the 'name' parameter in the /model/update_classroom.php file, unauthorized users can execute arbitrary SQL commands. This vulnerability can lead to unauthorized access to sensitive information and compromise the integrity of the database, making it critical for users to apply security patches and adopt best practices to secure their applications.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published