CVE-2024-10425 | Project Worlds Student Project Allocation System 1.0 Project Selection Page move_up_project.php up sql injection

Inserito da Angelo Barbosa | Ott 26, 2024 | CVE

A vulnerability was found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /student/project_selection/move_up_project.php of the component Project Selection Page. The manipulation of the argument up leads to sql injection.

This vulnerability is handled as CVE-2024-10425. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10425 | Project Worlds Student Project Allocation System 1.0 Project Selection Page move_up_project.php up sql injection

Post correlati

CVE-2024-46801 | Linux Kernel up to 6.10.9 libfs get_stashed_dentry null pointer dereference (03e2a1209a83/4e32c25b58b9)

CVE-2024-30094 | Microsoft Windows up to Server 2022 23H2 Routing/Remote Access Service heap-based overflow

CVE-2023-45698 | HCL Sametime up to 12.0.1 FP1 Outlook Add-in clickjacking (KB0109082)

CVE-2023-25699 | VideoWhisper Live Streaming Integration Plugin up to 5.5.15 on WordPress os command injection