Vulnerabilities > Idattend > Idweb > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-26569 SQL Injection vulnerability in Idattend Idweb
Unauthenticated SQL injection in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
network
low complexity
idattend CWE-89
critical
 9.1
9.1
2023-10-25 CVE-2023-26568 SQL Injection vulnerability in Idattend Idweb
Unauthenticated SQL injection in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
network
low complexity
idattend CWE-89
critical
 9.1
9.1