7.3
CVSSv3

CVE-2024-12927

CVSSv4: 6.9 | CVSSv3: 7.3 | CVSSv2: 7.5 | VMScore: 790 | EPSS: 0.00045 | KEV: Not Included
Published: 25/12/2024 Updated: 27/12/2024

Vulnerability Summary

Critical SQL Injection Vulnerability in 1000 Projects Attendance System

A critical problem has been discovered in 1000 Projects Attendance Tracking Management System 1.0. The issue affects some part of the file /faculty/check_faculty_login.php. Changing the faculty_emailid argument causes an SQL injection vulnerability. This attack can be done from a remote location. The exploit is now public and could be used by others.