### [CVE-2019-18344](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18344)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page (id or classid parameter).

### POC

#### Reference
- https://www.sevenlayers.com/index.php/262-online-grading-system-1-0-sqli

#### Github
No PoCs found on GitHub currently.