Home

Description

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_category. Manipulating the argument id can result in SQL injection.

PUBLISHED Reserved 2024-05-17 | Published 2024-05-30 | Updated 2025-02-13 | Assigner mitre

References

vuln.pentester.stream/...ln10-blind-sql-injection-time-based

cve.org (CVE-2024-35355)

nvd.nist.gov (CVE-2024-35355)

Download JSON