What is CVE-2024-6901?

CVE-2024-6901 is a medium-severity vulnerability in Sourcecodester Record Management System, classified under SQL Injection. CVSS score: 6.3/10. Published 2024-07-19.

How severe is CVE-2024-6901?

Medium severity. CVSS v3 base score is 6.3 out of 10.

SQL Injection in Sourcecodester Record Management System

CVE-2024-6901

A vulnerability classified as critical has been found in SourceCodester Record Management System 1.0. Affected is an unknown function of the file entry.php. The manipulation of the argument school leads to sql injection. It is possible to…

Vulnerability class: SQL Injection

EPSS: 0.001 (26.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.

Affected products

Sourcecodester Record Management System — versions 1.0

Weakness classification (CWE)

CWE-89 — SQL Injection

References

VDB-271926 | SourceCodester Record Management System entry.php sql injection (vdb-entry, technical-description)
VDB-271926 | CTI Indicators (IOB, IOC, TTP, IOA) (signature, permissions-required)
Submit #375194 | SourceCodester Record Management System 1.0 SQL Injection (third-party-advisory)
github.com/netmanzhang/VUL/blob/main/Record-Management-System-04.md (exploit)

Frequently asked questions

What is CVE-2024-6901?: CVE-2024-6901 is a medium-severity vulnerability in Sourcecodester Record Management System, classified under SQL Injection. CVSS score: 6.3/10. Published 2024-07-19.
How severe is CVE-2024-6901?: Medium severity. CVSS v3 base score is 6.3 out of 10.