Simple Student Information System
CVE-2022-24231
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student.
AnalysisAI
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student. Affected products include: Simple Student Information System Project Simple Student Information System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.
A vulnerability was found in SourceCodester Simple Student Information System and classified as critical.php. Rated crit
A vulnerability was found in SourceCodester Simple Student Information System. Rated critical severity (CVSS 9.8), this
A vulnerability was found in Campcodes Simple Student Information System 1.0. Rated high severity (CVSS 7.5), this vulne
A vulnerability was found in Campcodes Simple Student Information System 1.0 and classified as critical. Rated high seve
A vulnerability has been found in Campcodes Simple Student Information System 1.0 and classified as critical. Rated high
A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Rated h
A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0.php
A vulnerability classified as critical was found in Campcodes Simple Student Information System 1.0. Rated high severity
A vulnerability classified as critical has been found in Campcodes Simple Student Information System 1.0. Rated high sev
A vulnerability was found in Campcodes Simple Student Information System 1.0. Rated medium severity (CVSS 6.1), this vul
A vulnerability was found in SourceCodester Simple Student Information System 1.0. Rated medium severity (CVSS 4.8), thi
A vulnerability was found in Campcodes Student Information System 1.0. Rated medium severity (CVSS 6.3), this vulnerabil
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today