9.8
CVSSv3

CVE-2024-12899

CVSSv4: 6.9 | CVSSv3: 9.8 | CVSSv2: 7.5 | VMScore: 790 | EPSS: 0.00063 | KEV: Not Included
Published: 23/12/2024 Updated: 08/01/2025

Vulnerability Summary

Critical SQL Injection in 1000 Projects Attendance Tracking System 1.0

A critical vulnerability is present in 1000 Projects Attendance Tracking Management System 1.0. It involves the file /admin/course_action.php. When the course_code argument is manipulated, it causes SQL injection. This attack can be done from afar. The exploit is already public and might be used.

Vulnerable Product Search on Vulmon Subscribe to Product

1000projects attendance tracking management system 1.0