CVE-2020-36034

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
11/08/2023
Last modified:
17/08/2023

Description

SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:school_faculty_scheduling_system_project:school_faculty_scheduling_system:1.0:*:*:*:*:*:*:*