CVE-2024-5396

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published May 27, 2024

Updated: Jun 4, 2024

CWE ID 89

Summary

CVE-2024-5397 is a critical vulnerability affecting the Online Student Enrollment System 1.0. An unknown functionality in the file instructorSubjects.php is the root cause, allowing for sql injection attacks. Manipulation of the instructorId argument can be exploited remotely, making this a significant threat. The vulnerability has been disclosed to the public, increasing the risk of exploitation. The associated identifier for this issue is VDB-266311.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wHuuxO
https://www.cve.org/CVERecord?id=CVE-2024-5396
https://nvd.nist.gov/vuln/detail/CVE-2024-5396

Back to Vulnerability Database

CVE-2024-5396

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations