SQL Injection in Code-projects College Management System
CVE-2024-7681
A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/p…
Vulnerability class: SQL Injection
EPSS: 0.007 (49.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.
Affected products
- Code-projects College Management System — versions 1.0
- College_management_system_project College_management_system — versions 1.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cna@vuldb.com (Permissions Required, technical-description, VDB Entry, Third Party Advisory, vdb-entry)
- cna@vuldb.com (signature, Permissions Required, permissions-required, VDB Entry, Third Party Advisory)
- cna@vuldb.com (VDB Entry, Third Party Advisory, third-party-advisory)
- cna@vuldb.com (issue-tracking, Exploit, exploit, Issue Tracking)
Frequently asked questions
- What is CVE-2024-7681?
- CVE-2024-7681 is a high-severity vulnerability in Code-projects College Management System, classified under SQL Injection. CVSS score: 7.3/10. Published 2024-08-12.
- How severe is CVE-2024-7681?
- High severity. CVSS v3 base score is 7.3 out of 10.
- Is CVE-2024-7681 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.