CVE-2024-12488

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/subject_update.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Configurations

Configuration 1 (hide)

cpe:2.3:a:fabian:online_class_and_exam_scheduling_system:1.0:*:*:*:*:*:*:*

History

12 Dec 2024, 17:37

Type Values Removed Values Added
New CVE

Information

Published : 2024-12-12 01:40

Updated : 2024-12-12 17:37


NVD link : CVE-2024-12488

Mitre link : CVE-2024-12488

CVE.ORG link : CVE-2024-12488


JSON object : View

Products Affected

fabian

  • online_class_and_exam_scheduling_system
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')