CVE-2024-54928
CVSS 3.1 Score 7.2 of 10 (high)
Details
Published Dec 9, 2024
Updated: Dec 11, 2024
CWE ID 89
Summary
CVE-2024-54928: A critical vulnerability has been identified in the kashipara E-learning Management System v1.0. Hackers can exploit this SQL Injection flaw in the /admin/delete_teacher.php file to gain unauthorized access to sensitive data or even take control of the system. Successful attacks could lead to data theft, unintended modification or deletion of records, or even complete system compromise. Users are urged to update their systems as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- E-Learning Management System
Affected Vendors
- Kashipara