CVE-2023-6618

Published: Dec 8, 2023Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247255.

Affected (1)

Products: Oretnom23: Simple Student Attendance System

1 product

Simple Student Attendance System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Oretnom23 Simple Student Attendance System	Version 1.0

Related CWEs

Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.

References (6)

https://vuldb.com/?ctiid.247255

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.247255

Source: cna@vuldb.com

Third Party Advisory

https://www.yuque.com/u39339523/el4dxs/krpez3nzv1144cuc

Source: cna@vuldb.com

Third Party Advisory

https://vuldb.com/?ctiid.247255

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.247255

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.yuque.com/u39339523/el4dxs/krpez3nzv1144cuc

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.