CVE-2024-12490

CVSS 2.0 Score 6.5 of 10 (medium)

Details

Published Dec 12, 2024
CWE ID 89
CWE ID 74

Summary

CVE-2024-12490 is a newly disclosed critical vulnerability in the code-projects Online Class and Exam Scheduling System 1.0. The flaw affects an unknown part of the file /pages/teacher_save.php, allowing remote attackers to execute SQL injection by manipulating the salut argument. The exploit has been made public, increasing the risk of widespread exploitation. It is essential that users of this system apply the necessary patches as soon as possible to mitigate this vulnerability and protect against potential data breaches or unauthorized system access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Online Class And Exam Scheduling System

Affected Vendors

  • Code Projects