CVE-2024-0466 | code-projects Employee Profile Management System 1.0 file_table.php per_id sql injection

Inserito da Angelo Barbosa | Gen 12, 2024 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file file_table.php. The manipulation of the argument per_id leads to sql injection.

The identification of this vulnerability is CVE-2024-0466. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

CVE-2024-0466 | code-projects Employee Profile Management System 1.0 file_table.php per_id sql injection

Post correlati

CVE-2023-52251 | kafka-ui up to 0.7.1 messages q Remote Code Execution

CVE-2024-29949 | Hikvision DS-7604NI-M1 command injection

CVE-2023-49699 | ASR Falcon prior CP01.057.063 IMS memory corruption

CVE-2024-6168 | aprokopenko Just Custom Fields Plugin up to 3.3.2 on WordPress cross-site request forgery