Online Class Record System
Monthly
Online Class Record System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).
SourceCodester Online Class Record System 1.0 contains a SQL injection vulnerability in the subject controller that allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and could enable unauthorized data access, modification, or system compromise.
SQL injection in SourceCodester Online Class Record System 1.0 allows unauthenticated remote attackers to manipulate the user_email parameter in /admin/login.php, potentially enabling unauthorized data access and modification. Public exploit code exists for this vulnerability, and no patch is currently available.
Online Class Record System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).
SourceCodester Online Class Record System 1.0 contains a SQL injection vulnerability in the subject controller that allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and could enable unauthorized data access, modification, or system compromise.
SQL injection in SourceCodester Online Class Record System 1.0 allows unauthenticated remote attackers to manipulate the user_email parameter in /admin/login.php, potentially enabling unauthorized data access and modification. Public exploit code exists for this vulnerability, and no patch is currently available.