CVE-2023-46025

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Nov 14, 2023

Updated: Nov 17, 2023

CWE ID 89

Summary

CVE-2023-46025 is a SQL injection vulnerability that affects the teacher-info.php file in the phpgurukul Teacher Subject Allocation Management System version 1.0. This defect permits attackers to gain unauthorized access to sensitive information by manipulating the 'editid' parameter in SQL queries. Successful exploitation of this vulnerability could lead to the exposure of confidential data, posing a significant risk to system security. It is crucial for users to update their systems to a secure version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tBy9s3
https://www.cve.org/CVERecord?id=CVE-2023-46025
https://nvd.nist.gov/vuln/detail/CVE-2023-46025

Back to Vulnerability Database

CVE-2023-46025

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations