CVE-2024-54921

A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username, firstname, lastname, and class_id parameters. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt