Vulnerabilities > Idattend > Idweb > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-26569 SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052
Unauthenticated SQL injection in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
network
low complexity
idattend CWE-89
critical
 9.1
9.1
2023-10-25 CVE-2023-26568 SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052
Unauthenticated SQL injection in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
network
low complexity
idattend CWE-89
critical
 9.1
9.1