School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/modstudent/index.php?view=view&id=.
References
Link | Resource |
---|---|
https://github.com/saluteSUC/bug_report/blob/main/vendors/janobe/school-activity-updates-sms-notification/SQLi-2.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2022-09-16 15:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-38833
Mitre link : CVE-2022-38833
CVE.ORG link : CVE-2022-38833
JSON object : View
Products Affected
school_activity_updates_with_sms_notification_project
- school_activity_updates_with_sms_notification
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')