CVE Identifier: - CVE-2024-6274 Product and Version: - Lahirudanushka School Management System 1.0.0/1.0.1 Vulnerability Type: - SQL Injection Affected Component: - Attendance Report Page ( ) Vulnerability Classification: - Critical Attack Vector: - Can be exploited remotely Exploit: - An exploit is available, declared as proof-of-concept impact: - Confidentiality, integrity, and availability are impacted CWE Classification: - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Exploit Ease: - The exploitability is easy Additional Details: - A public exploit is available and can be downloaded from a specified website. - Vulnerable targets can be found using Google Hacking with