CVE-2024-13025 Information

Description

A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument book_name/book_author leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/shaturo1337/POCs/blob/main/SQL%20Injection%20in%20College%20Management%20System.md https://vuldb.com/?ctiid.289716 https://vuldb.com/?id.289716 https://vuldb.com/?submit.471108