CVE-2024-3425 | SourceCodester Online Courseware 1.0 admin/activateall.php selector sql injection

Inserito da Angelo Barbosa | Apr 6, 2024 | CVE

A vulnerability classified as critical was found in SourceCodester Online Courseware 1.0. Affected by this vulnerability is an unknown functionality of the file admin/activateall.php. The manipulation of the argument selector leads to sql injection.

This vulnerability is known as CVE-2024-3425. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-3425 | SourceCodester Online Courseware 1.0 admin/activateall.php selector sql injection

Post correlati

CVE-2024-3670 | harmr Leaflet Maps Marker Plugin up to 3.12.8 on WordPress Shortcode mapsmarker cross site scripting (ID 3069915)

CVE-2024-3049 | Red Hat Enterprise Linux 7/8/9 Booth Server gcry_md_get_algo_dlen data authenticity

CVE-2024-4964 | D-Link DAR-7000-40 V31R02B1413C /firewall/urlblist.php file unrestricted upload (SAP10354)

CVE-2024-20448 | Cisco Data Center Network Manager up to 12.2.1 Nexus Dashboard cleartext storage in a file or on disk (cisco-sa-ndfc-cidv-XvyX2wLj)