CVE-2024-1830 | code-projects Library System 1.0 lost-password.php email sql injection

Inserito da Angelo Barbosa | Feb 23, 2024 | CVE

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection.

This vulnerability is handled as CVE-2024-1830. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-1830 | code-projects Library System 1.0 lost-password.php email sql injection

Post correlati

CVE-2024-5681 | Schneider Electric EcoStruxure Foxboro DCS Core Control Services up to 9.8 IOCTL Call Foxboro.sys input validation (SEVD-2024-191-02)

CVE-2023-5629 | Schneider Electric Trio Q-Series Ethernet Data Radio redirect (SEVD-2023-346-01)

CVE-2024-7553 | MongoDB Server/Driver/PHP Driver on Windows access control

CVE-2023-37926 | Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN CLI Command buffer overflow