Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-46024

SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter.

Published

2023-11-14T22:15:30.193

Last Modified

2024-11-21T08:27:47.010

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-89

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	phpgurukul	teacher_subject_allocation_management_system	1.0	Yes

References

https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46024-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md Exploit, Third Party Advisory ([email protected])
https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46024-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)