CVE-2024-5396: itsourcecode Online Student Enrollment System newfaculty.php sql injection
First published: Mon May 27 2024(Updated: )
A vulnerability classified as critical has been found in itsourcecode Online Student Enrollment System 1.0. Affected is an unknown function of the file newfaculty.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266310 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| itsourcecode Online Student Enrollment System | ||
| itsourcecode Online Student Enrollment System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-5396?
CVE-2024-5396 is classified as a critical vulnerability.
How do I fix CVE-2024-5396?
To fix CVE-2024-5396, validate and sanitize all user input to prevent SQL injection.
What kind of attack can be executed through CVE-2024-5396?
CVE-2024-5396 allows for remote SQL injection attacks.
Which file is affected by CVE-2024-5396?
CVE-2024-5396 affects the file newfaculty.php in the Online Student Enrollment System.
What is the impact of exploiting CVE-2024-5396?
Exploitation of CVE-2024-5396 can lead to unauthorized database access.
- agent/weakness
- agent/title
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/event
- vendor/itsourcecode
- canonical/itsourcecode online student enrollment system
- version/itsourcecode online student enrollment system/1.0