CVE-2024-10423 | Project Worlds Student Project Allocation System 1.0 Project Selection Page project_selection.php project_id sql injection

Inserito da Angelo Barbosa | Ott 26, 2024 | CVE

A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/project_selection/project_selection.php of the component Project Selection Page. The manipulation of the argument project_id leads to sql injection.

This vulnerability is traded as CVE-2024-10423. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-10423 | Project Worlds Student Project Allocation System 1.0 Project Selection Page project_selection.php project_id sql injection

Post correlati

CVE-2023-45249 | Acronis Cyber Infrastructure default password

CVE-2024-20076 | MediaTek MT8788 Modem memory corruption (MSV-1481 / MOLY01297806)

CVE-2023-50975 | TD Bank TD Advanced Dashboard Client up to 3.0.3 on macOS IsRunAsNodeEnabled Privilege Escalation

CVE-2022-44581 | WPMU Defender Security Plugin up to 3.3.2 on WordPress Temporary File sensitive information