CVE-2024-54928

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 9, 2024
Updated: Dec 11, 2024
CWE ID 89

Summary

CVE-2024-54928: A critical vulnerability has been identified in the kashipara E-learning Management System v1.0. Hackers can exploit this SQL Injection flaw in the /admin/delete_teacher.php file to gain unauthorized access to sensitive data or even take control of the system. Successful attacks could lead to data theft, unintended modification or deletion of records, or even complete system compromise. Users are urged to update their systems as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • E-Learning Management System

Affected Vendors

  • Kashipara