CVE-2024-7286 | SourceCodester Establishment Billing Management System 1.0 Login ajax.php username sql injection

Inserito da Angelo Barbosa | Lug 30, 2024 | CVE

A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument username leads to sql injection.

The identification of this vulnerability is CVE-2024-7286. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-7286 | SourceCodester Establishment Billing Management System 1.0 Login ajax.php username sql injection

Post correlati

CVE-2024-35591 | O2OA 8.3.8 PDF File unrestricted upload

CVE-2024-33914 | Exclusive Addons Elementor Plugin up to 2.6.9.1 on WordPress authorization

CVE-2024-1976 | Marketing Optimizer Plugin up to 20200925 on WordPress cross-site request forgery

CVE-2024-37900 | xwiki-platform up to 14.10.20/15.5.4/15.10.5/16.0.0 neutralization of directives (GHSA-wf3x-jccf-5g5g)