Critical Remote SQL Injection in 1000 Projects Attendance System 1.0
A critical vulnerability is in 1000 Projects Attendance Tracking Management System 1.0. The issue is in the function attendance_report in the file /admin/report.php. Manipulating the course_id argument can cause SQL injection. This attack can be done remotely. The exploit is public and may be used.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
1000projects attendance tracking management system 1.0 |