CVE-2024-8346 | SourceCodester Computer Laboratory Management System 1.0 SystemSettings.php update_settings_info name sql injection

Inserito da Angelo Barbosa | Ago 30, 2024 | CVE

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to sql injection.

This vulnerability is traded as CVE-2024-8346. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-8346 | SourceCodester Computer Laboratory Management System 1.0 SystemSettings.php update_settings_info name sql injection

Post correlati

CVE-2024-46689 | Linux Kernel up to 6.10.7 Shared Memory Page infinite loop

CVE-2024-11130 | ZZCMS up to 2023 /admin/msg.php keyword cross site scripting

CVE-2024-29375 | Addactis IBNRS 3.10.3.107 ibnrs File csv injection

CVE-2024-2661 | Barcode Scanner with Inventory & Order Manager Plugin sql injection