CVE-2024-54933

Published Dec 9, 2024

Last updated 2 months ago

CVSS high 7.2

Overview

Description: Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.2
Impact score: 5.9
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-89
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-89

Hype score: Not currently trending

CVE-2024-54933 Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php. https://t.co/PoqHw4BQrI
@CVEnew
10 Dec 2024
138 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-54933 SQL Injection Vulnerability in Kashipara E-learning Management v1.0 Kas... https://t.co/QwYv4iGJgB Vulnerability Notification: https://t.co/xhLrNnfyrO
@VulmonFeeds
10 Dec 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lopalopa:e-learning_management_system:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFD62B66-BEBB-4F0C-9F2F-66A7DC3E83E7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2024-54933
https://github.com/m14r41/Writeups/blob/main/CVE/Kashipara/E-learning%20Management%20System%20project/SQL%20Injection%20-%20delete%20content.pdf

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References