github - ghsa-m6q8-3vcx-vm5c

ghsa-m6q8-3vcx-vm5c

Vulnerability from github

Published

2024-07-15 00:30

Modified

2024-08-26 06:30

Severity

6.3 (Medium) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.3 (Medium) - CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Details

A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. This affects an unknown part of the file /Master.php?f=save_student. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271449 was assigned to this vulnerability.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-6731"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-14T22:15:02Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. This affects an unknown part of the file /Master.php?f=save_student. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271449 was assigned to this vulnerability.",
  "id": "GHSA-m6q8-3vcx-vm5c",
  "modified": "2024-08-26T06:30:45Z",
  "published": "2024-07-15T00:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6731"
    },
    {
      "type": "WEB",
      "url": "https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6731"
    },
    {
      "type": "WEB",
      "url": "https://reports-kunull.vercel.app/CVE%20research/student-study-center-desk-management-system-save_student"
    },
    {
      "type": "WEB",
      "url": "https://reports-kunull.vercel.app/CVEs/2024/CVE-2024-6731"
    },
    {
      "type": "WEB",
      "url": "https://reports.kunull.net/CVEs/2024/CVE-2024-6731"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.271449"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.271449"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.374362"
    },
    {
      "type": "WEB",
      "url": "https://www.sourcecodester.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

cve-2024-6731

Vulnerability from cvelistv5

Published

2024-07-14 22:00

Modified

2024-08-26 04:53

Severity

5.3 (Medium) - cvssV4_0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - cvssV3_1 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

SourceCodester Student Study Center Desk Management System Master.php sql injection

References

URL	Tags
https://vuldb.com/?id.271449	vdb-entry, technical-description
https://vuldb.com/?ctiid.271449	signature, permissions-required
https://vuldb.com/?submit.374362	third-party-advisory
https://reports.kunull.net/CVEs/2024/CVE-2024-6731	exploit
https://www.sourcecodester.com/	product

Impacted products

Vendor	Product
SourceCodester	Student Study Center Desk Management System

Show details on NVD website