CVE-2023-48718
published 2023-12-21CVE-2023-48718: Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpgurukul | student_result_management_system | — | — |
| projectworlds_pvt_limited | student_result_management_system | — | — |