Unauthenticated SQL Injection Vulnerability in Sourcecodester Online Grading System 1.0
CVE-2019-18344 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page (id or classid parameter).
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.