CVE-2024-0497

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 13, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-0497 is a newly disclosed critical vulnerability affecting the Campcodes Student Information System 1.0. The issue lies within an unknown function of the file /classes/Users.php?f=save. An attacker can exploit this vulnerability by manipulating the argument "username" to carry out SQL injection attacks. The exploit can be launched remotely, increasing the risk to affected systems. This vulnerability, identified as VDB-250602, has been made public and may be actively used by malicious actors.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uHq8MX
https://www.cve.org/CVERecord?id=CVE-2024-0497
https://nvd.nist.gov/vuln/detail/CVE-2024-0497

Back to Vulnerability Database

CVE-2024-0497

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations