PT-2024-14295 · Unknown · Simple Student Attendance System

Geraldo Alcântara · Published 2024-02-28 · Updated 2024-12-16 · CVE-2023-51801

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Simple Student Attendance System version 1.0

Description

The issue allows a remote attacker to execute arbitrary code via a crafted payload to the id parameter in the "student_form.php" and "class_form.php" pages. This enables the attacker to inject malicious SQL code, potentially leading to unauthorized access or data manipulation.

Recommendations

For Simple Student Attendance System version 1.0, consider disabling the id parameter in the affected pages until a patch is available. Restrict access to the "student_form.php" and "class_form.php" pages to minimize the risk of exploitation. Avoid using the id parameter in these pages until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
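
While no fix is available, web server logs can show whether the id parameter of the two affected pages is receiving anything other than a plain record number. The following log check is an added example, not part of the original advisory or the product's code. It assumes an Apache/Nginx combined log format, the underscore spelling of the page names, and that a page may also be selected through a `page` query parameter; the log lines are constructed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Pages named in the advisory (spelling with underscores is an assumption).
AFFECTED = {"student_form", "class_form"}
# Combined log format: client, ident, user, [time], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" \d{3}'
)
# A legitimate record id is expected to be a short run of digits (assumption).
PLAIN_INT = re.compile(r"[0-9]{1,10}")


def flag_requests(lines):
    """Return (client_ip, page, decoded_id) for each request to an affected
    page whose id value is not a plain integer."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # not a request line in the expected format
        url = urlsplit(m["target"])
        query = parse_qs(url.query)  # percent-decodes values, drops blank ones
        # The page is taken from the script name or, as an assumed routing
        # style, from a "page" query parameter.
        names = {url.path.rsplit("/", 1)[-1].lower().removesuffix(".php")}
        names.update(v.lower() for v in query.get("page", []))
        hit = sorted(names & AFFECTED)
        if not hit:
            continue
        for value in query.get("id", []):
            if not PLAIN_INT.fullmatch(value):
                findings.append((m["ip"], hit[0], value))
    return findings


# Constructed sample log lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [28/Feb/2024:10:00:01 +0000] "GET /attendance/student_form.php?id=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [28/Feb/2024:10:00:05 +0000] "GET /attendance/class_form.php?id=3%27 HTTP/1.1" 200 5300',
    '198.51.100.7 - - [28/Feb/2024:10:00:09 +0000] "GET /attendance/?page=student_form&id=7%20OR%201%3D1 HTTP/1.1" 200 5300',
    '192.0.2.10 - - [28/Feb/2024:10:00:12 +0000] "GET /attendance/index.php?id=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, page, value in flag_requests(SAMPLE_LOG):
        print(f"{ip} sent non-numeric id to {page}: {value!r}")
```

The same digits-only rule can be enforced at a reverse proxy or WAF in front of the two pages, so that non-numeric id values never reach the application.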

Exploit

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2023-51801

Affected Products

Simple Student Attendance System