VDB-258036 · CVE-2024-2945 · GCVE-100-258036

Campcodes Online Examination System 1.0 updateExaminee.php ID SQL ଇଞ୍ଜେକ୍ସନ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame Campcodes Online Examination System 1.0 keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii /adminpanel/admin/facebox_modal/updateExaminee.php keessa. Hojii jijjiirraa irratti gaggeeffame ID gara SQL ଇଞ୍ଜେକ୍ସନ geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-89 geessa. Dadhabbii kana yeroo 03/26/2024 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2024-2945tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. VulDB is the best source for vulnerability data and more expert information about this specific topic.

4 ଆଡାପ୍ଟେସନ୍ · 96 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 03/26/2024 05:35 PM	ଅଦ୍ୟତନ 1/3 05/05/2024 09:27 AM	ଅଦ୍ୟତନ 2/3 05/05/2024 09:31 AM	ଅଦ୍ୟତନ 3/3 02/21/2025 08:16 PM
software_vendor	Campcodes	Campcodes	Campcodes	Campcodes
software_name	Online Examination System	Online Examination System	Online Examination System	Online Examination System
software_version	1.0	1.0	1.0	1.0
software_file	/adminpanel/admin/facebox_modal/updateExaminee.php	/adminpanel/admin/facebox_modal/updateExaminee.php	/adminpanel/admin/facebox_modal/updateExaminee.php	/adminpanel/admin/facebox_modal/updateExaminee.php
software_argument	id	id	id	id
vulnerability_cwe	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)	CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk	2	2	2	2
cvss3_vuldb_av	N	N	N	N
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_ui	N	N	N	N
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	L	L	L	L
cvss3_vuldb_i	L	L	L	L
cvss3_vuldb_a	L	L	L	L
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
advisory_url	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
exploit_url	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf	https://github.com/E1CHO/cve_hub/blob/main/Online%20Examination%20System/Online%20Examination%20System%20-%20vuln%205.pdf
source_cve	CVE-2024-2945	CVE-2024-2945	CVE-2024-2945	CVE-2024-2945
cna_responsible	VulDB	VulDB	VulDB	VulDB
advisory_date	1711407600 (03/26/2024)	1711407600 (03/26/2024)	1711407600 (03/26/2024)	1711407600 (03/26/2024)
cvss2_vuldb_av	N	N	N	N
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_ci	P	P	P	P
cvss2_vuldb_ii	P	P	P	P
cvss2_vuldb_ai	P	P	P	P
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss4_vuldb_av	N	N	N	N
cvss4_vuldb_ac	L	L	L	L
cvss4_vuldb_ui	N	N	N	N
cvss4_vuldb_vc	L	L	L	L
cvss4_vuldb_vi	L	L	L	L
cvss4_vuldb_va	L	L	L	L
cvss4_vuldb_e	P	P	P	P
cvss2_vuldb_au	S	S	S	S
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_pr	L	L	L	L
cvss3_vuldb_rl	X	X	X	X
cvss4_vuldb_at	N	N	N	N
cvss4_vuldb_pr	L	L	L	L
cvss4_vuldb_sc	N	N	N	N
cvss4_vuldb_si	N	N	N	N
cvss4_vuldb_sa	N	N	N	N
cvss2_vuldb_basescore	6.5	6.5	6.5	6.5
cvss2_vuldb_tempscore	5.6	5.6	5.6	5.6
cvss3_vuldb_basescore	6.3	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7	5.7
cvss3_meta_basescore	6.3	6.3	6.3	6.4
cvss3_meta_tempscore	5.7	5.7	6.0	6.2
cvss4_vuldb_bscore	5.3	5.3	5.3	5.3
cvss4_vuldb_btscore	2.1	2.1	2.1	2.1
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1711407600 (03/26/2024)	1711407600 (03/26/2024)	1711407600 (03/26/2024)
cve_nvd_summary		A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. Affected is an unknown function of the file /adminpanel/admin/facebox_modal/updateExaminee.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258036.	A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. Affected is an unknown function of the file /adminpanel/admin/facebox_modal/updateExaminee.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258036.	A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. Affected is an unknown function of the file /adminpanel/admin/facebox_modal/updateExaminee.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258036.
cvss2_nvd_au			S	S
cvss2_nvd_ci			P	P
cvss2_nvd_ii			P	P
cvss2_nvd_ai			P	P
cvss3_cna_av			N	N
cvss3_cna_ac			L	L
cvss3_cna_pr			L	L
cvss3_cna_ui			N	N
cvss3_cna_s			U	U
cvss3_cna_c			L	L
cvss3_cna_i			L	L
cvss3_cna_a			L	L
cve_cna			VulDB	VulDB
cvss2_nvd_basescore			6.5	6.5
cvss3_cna_basescore			6.3	6.3
cvss2_nvd_av			N	N
cvss2_nvd_ac			L	L
cve_nvd_summaryes				Se encontró una vulnerabilidad en Campcodes Online Examination System 1.0. Ha sido clasificada como crítica. Una función desconocida del archivo /adminpanel/admin/facebox_modal/updateExaminee.php es afectada por esta vulnerabilidad. La manipulación del argumento id conduce a la inyección de SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede utilizarse. El identificador de esta vulnerabilidad es VDB-258036.
cvss3_nvd_av				N
cvss3_nvd_ac				L
cvss3_nvd_pr				L
cvss3_nvd_ui				N
cvss3_nvd_s				U
cvss3_nvd_c				H
cvss3_nvd_i				N
cvss3_nvd_a				N
cvss3_nvd_basescore				6.5
cvss2_cna_av				N
cvss2_cna_ac				L
cvss2_cna_au				S
cvss2_cna_ci				P
cvss2_cna_ii				P
cvss2_cna_ai				P
cvss2_cna_basescore				6.5

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Interested in the pricing of exploits?

See the underground prices here!