E-learning Management System v1.0 vulnerable to SQL Injection
CVE-2024-54921

Currently unrated

Key Information:

Vendor

kashipara

Status
E-learning Management System
Vendor
CVE Published:
9 December 2024

What is CVE-2024-54921?

A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username, firstname, lastname, and class_id parameters.

References

https://github.com/m14r41/Writeups/blob/main/CVE/Kashipar...

Timeline

  • Vulnerability published

.
CVE-2024-54921 : E-learning Management System v1.0 vulnerable to SQL Injection