9.8
CVSSv3

CVE-2024-13037

CVSSv4: 5.3 | CVSSv3: 9.8 | CVSSv2: 6.5 | VMScore: 630 | EPSS: 0.00063 | KEV: Not Included
Published: 30/12/2024 Updated: 06/01/2025

Vulnerability Summary

Critical Remote SQL Injection in 1000 Projects Attendance System 1.0

A critical vulnerability is in 1000 Projects Attendance Tracking Management System 1.0. The issue is in the function attendance_report in the file /admin/report.php. Manipulating the course_id argument can cause SQL injection. This attack can be done remotely. The exploit is public and may be used.

Vulnerable Product Search on Vulmon Subscribe to Product

1000projects attendance tracking management system 1.0