CVE-2023-5495

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 10/10/2023 Updated: 17/05/2024

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata[0][title]/searchdata[0][searchfield]/searchdata[0][searchvalue] leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-241647. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qdocs smart school 6.4.1

Smart School version 641 suffers from multiple remote SQL injection vulnerabilities ...

CWE-89 https://vuldb.com/?id.241647 https://vuldb.com/?ctiid.241647 http://packetstormsecurity.com/files/175071/Smart-School-6.4.1-SQL-Injection.html https://nvd.nist.gov https://packetstormsecurity.com/files/175071/Smart-School-6.4.1-SQL-Injection.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-5495

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect