Unrated severityNVD Advisory· Published Oct 26, 2023· Updated Aug 2, 2024

Shaanxi Chanming Education Technology Score Query System sql injection

CVE-2023-5787

Description

A vulnerability was found in Shaanxi Chanming Education Technology Score Query System 5.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument stuIdCard leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243593 was assigned to this vulnerability.

Affected products

Shaanxi Chanming Education Technology/Score Query Systemllm-create
Range: =5.0
Shaanxi Chanming Education Technology/Score Query Systemv5
Range: 5.0

Patches

Vulnerability mechanics

References

github.com/Echosssy/-SQL-injection-exists-in-the-score-query-system/blob/main/README.mdmitrebroken-linkexploit
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000