CVE Daily

CVE-2023-41522

Student Attendance Management System v1 was discovered to contain multiple SQL i...

High CVSS 8.8

Overview

Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.

CWE: CWE-89 Published: 2025-08-07T18:15:28.740
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.8 (HIGH)
  • Detected tags: sql (tag impact: MODERATE)

Recommended actions:

  • Use parameterized queries/ORM (avoid string concatenation).
  • Add WAF rules and input validation.

Recommended tools

Tags