CVE-2024-6275

Name of the Vulnerable Software and Affected Versions: lahirudanushka School Management System versions 1.0.0 through 1.0.1

Description: A critical issue was found in the lahirudanushka School Management System, affecting the Parent Page component, specifically the file parent.php. The manipulation of the update argument leads to SQL injection. This issue can be exploited remotely.

Recommendations: For lahirudanushka School Management System versions 1.0.0 through 1.0.1, consider restricting access to the Parent Page component until a fix is available. As a temporary workaround, avoid using the update argument in the affected parent.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.