漏洞详情: CVE-2024-6268

漏洞标题
lahirudanushka School Management System Login Page login.php sql injection
来源:NVD
School-Management-System SQL注入漏洞
来源:CNNVD
漏洞描述
A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. Affected by this issue is some unknown functionality of the file login.php of the component Login Page. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269480.
来源:NVD
School-Management-System是Lahiru Danushka个人开发者的一个学校管理系统。 School-Management-System 1.0.0版本和1.0.1版本存在SQL注入漏洞,该漏洞源于文件login.php的参数email会导致SQL注入。
来源:CNNVD
NVD 暂无描述信息
来源:神龙机器人
漏洞评分(CVSS)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
来源:NVD
漏洞类别
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
来源:NVD
SQL注入
来源:CNNVD
相关链接