CVE-2024-4806

CVSS 3.1 Score 6.3 of 10 (medium)

Attack Complexity low
Confidentiality low
Integrity low
Availability low
Privileges Required low
Scope unchanged

Details

Published May 14, 2024
Updated: Jun 4, 2024
CWE ID 89

Summary

CVE-2024-4806 is a critical vulnerability identified in Kashipara College Management System 1.0. The issue lies in the unknown code of the file each_extracurricula_activities.php, which can be exploited through SQL injection. Malicious actors can manipulate the argument id to gain unauthorized access remotely. The vulnerability has been disclosed to the public, increasing the risk of exploitation. VDB-263926 is the assigned identifier for this security weakness.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share