Vulnerabilities > Idattend > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-27260 SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
network
low complexity
idattend CWE-89
critical
 9.1
9.1
2023-10-25 CVE-2023-27262 SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.
network
low complexity
idattend CWE-89
critical
 9.1
9.1