CVE-2023-41520 - SQL Injection in Student Attendance Management System v1 Description Student Attendance Management System v1 contains multiple SQL injection vulnerabilities in the file. The vulnerable parameters are and . An attacker can exploit these flaws remotely to manipulate SQL queries, which may result in unauthorized data access or arbitrary code execution. Vulnerability Type SQL Injection Affected Product Product Name: Student Attendance Management System Version: v1 Component: createClassArms.php Vendor: GitHub Repository: https://github.com/rickxy/Student-Attendance-Management-System Attack Details Attack Type: Remote Attack Vectors: , parameters Impact: - Code Execution (through SQL manipulation) - Information Disclosure References https://github.com/rickxy/Student-Attendance-Management-System Discoverer Chaima EL BAHRAOUI