漏洞描述
Code-projects Simple School Managment System 是一个基于 PHP 的学校管理系统,用于管理学校的日常事务。该系统的 '/teacher_login.php' 页面中的 'name' 参数和'pass' 参数存在 SQL 注入漏洞,攻击者可以利用该漏洞执行恶意的 SQL 查询和操作数据库,从而获取敏感信息或进一步控制系统。
Simple School Managment System /teacher_login.php SQL 注入漏洞 (CVE-2024-25308/CVE-2024-25309)
PoC代码
暂无相关漏洞推荐
- POC wp-really-simple-captcha-fpd: WordPress Plugin Really Simple CAPTCHA - Full Path Disclosure
- POC wp-simple-custom-css-fpd: WordPress Simple Custom CSS Plugin - Full Path Disclosure
- 金慧综合管理信息系统SystemName参数存在SQL注入漏洞
- POC CVE-2020-12832: WordPress Simple File List - Path Traversal
- POC wp-simple-301-redirects-fpd: Simple 301 Redirects - Full Path Disclosure
- POC wp-simple-custom-css-fpd: WordPress Simple Custom CSS Plugin - Full Path Disclosure
- Code-Projects Refugee Food Management System SQL注入漏洞
- CampCodes Supplier Management System SQL注入漏洞
- Code-Projects College Notes Uploading System SQL注入漏洞
- itsourcecode Online Frozen Foods Ordering System SQL注入漏洞
- (CVE-2025-15011)Simple Stock System 1.0 logout.php SQL注入漏洞
- Carmelo Simple_stock_system注入漏洞(CVE-2025-14834)
- POC CVE-2021-4462: Employee Records System 1.0 - Unauthenticated File Upload RCE