SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file.
                
            References
                    | Link | Resource | 
|---|---|
| https://github.com/qingning988/cve_report/blob/main/judging-management-system/SQLi-1.md | Exploit Third Party Advisory | 
| https://www.github.com | Not Applicable | 
| https://github.com/qingning988/cve_report/blob/main/judging-management-system/SQLi-1.md | Exploit Third Party Advisory | 
| https://www.github.com | Not Applicable | 
Configurations
                    Configuration 1 (hide)
| 
 | 
History
                    21 Nov 2024, 07:59
| Type | Values Removed | Values Added | 
|---|---|---|
| References | () https://github.com/qingning988/cve_report/blob/main/judging-management-system/SQLi-1.md - Exploit, Third Party Advisory | |
| References | () https://www.github.com - Not Applicable | 
Information
                Published : 2023-05-15 16:15
Updated : 2025-01-23 19:15
NVD link : CVE-2023-30245
Mitre link : CVE-2023-30245
CVE.ORG link : CVE-2023-30245
JSON object : View
Products Affected
                judging_management_system_project
- judging_management_system
CWE
                
                    
                        
                        CWE-89
                        
            Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
