admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/6xxx/CVE-2024-6276.json
CVE Team 25b5b6db26
"-Synchronized-Data."
2024-06-24 02:00:34 +00:00

114 lines
4.3 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-6276",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. This issue affects some unknown processing of the file teacher.php of the component Teacher Page. The manipulation of the argument update leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269489 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in lahirudanushka School Management System 1.0.0/1.0.1 entdeckt. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei teacher.php der Komponente Teacher Page. Dank der Manipulation des Arguments update mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "lahirudanushka",
"product": {
"product_data": [
{
"product_name": "School Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0.0"
},
{
"version_affected": "=",
"version_value": "1.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.269489",
"refsource": "MISC",
"name": "https://vuldb.com/?id.269489"
},
{
"url": "https://vuldb.com/?ctiid.269489",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.269489"
},
{
"url": "https://vuldb.com/?submit.362877",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.362877"
},
{
"url": "https://powerful-bulb-c36.notion.site/sql-injection-3-52ce387faca74869b441eb1bf4cec27a",
"refsource": "MISC",
"name": "https://powerful-bulb-c36.notion.site/sql-injection-3-52ce387faca74869b441eb1bf4cec27a"
}
]
},
"credits": [
{
"lang": "en",
"value": "louay khammassi (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.7,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.7,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink