Unrated severityNVD Advisory· Published Dec 21, 2023· Updated Aug 2, 2024
Student Result Management System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CVE-2023-48720
Description
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <= 1.0
- Projectworlds Pvt. Limited/Student Result Management Systemv5Range: 1.0
Patches
Vulnerability mechanics
References
2- fluidattacks.com/advisories/gilels/mitrethird-party-advisory
- projectworlds.inmitreproduct
News mentions
0No linked articles in our index yet.