CVE-2024-27685 - CERT CVE
ID CVE-2024-27685
Sažetak SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdate variables.
Reference
CVSS
Base: 7.1
Impact: 4.2
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Zadnje važnije ažuriranje 26-06-2025 - 18:57
Objavljeno 25-06-2025 - 15:15