CVE-2024-4906

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published May 15, 2024

Updated: Jun 4, 2024

CWE ID 89

Summary

CVE-2024-4406: A critical vulnerability was identified in the Campcodes Complete Web-Based School Management System 1.0. This issue lies within the file /view/show_student1.php, and allows for sql injection through manipulation of the argument "grade". The vulnerability can be exploited remotely, and the exploit has been made public, posing a significant risk. The VDB-264441 identifier has been assigned to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Campcodes Online Examination System

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/v8XkjX
https://www.cve.org/CVERecord?id=CVE-2024-4906
https://nvd.nist.gov/vuln/detail/CVE-2024-4906

Back to Vulnerability Database

CVE-2024-4906

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations