CVE-2024-9080: code-projects Student Record System pincode-verification.php sql injection
First published: Sun Sep 22 2024(Updated: )
A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| code-projects Student Record System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-9080?
CVE-2024-9080 has been classified as a critical vulnerability.
What impact does CVE-2024-9080 have on security?
CVE-2024-9080 allows for SQL injection through the pincode argument, potentially compromising database integrity.
How do I fix CVE-2024-9080?
To mitigate CVE-2024-9080, validate and sanitize all user inputs, especially the pincode field.
What versions of Student Record System are affected by CVE-2024-9080?
CVE-2024-9080 affects version 1.0 of the code-projects Student Record System.
Is CVE-2024-9080 exploitable remotely?
Yes, CVE-2024-9080 can be exploited remotely.
- agent/weakness
- agent/type
- agent/references
- agent/first-publish-date
- agent/description
- agent/title
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/trending
- agent/tags
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/source
- vendor/code-projects
- canonical/code-projects student record system
- version/code-projects student record system/1.0