CVE-2024-1831 | SourceCodester Complete File Management System 1.0 Login Form users/index.php username sql injection

Inserito da Angelo Barbosa | Feb 23, 2024 | CVE

A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Affected is an unknown function of the file users/index.php of the component Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--+- leads to sql injection.

This vulnerability is traded as CVE-2024-1831. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-1831 | SourceCodester Complete File Management System 1.0 Login Form users/index.php username sql injection

Post correlati

CVE-2024-34814 | ThemeFuse Unyson Plugin up to 2.7.29 on WordPress cross-site request forgery

CVE-2024-22637 | Form Tools 3.1.1 preview.php cross site scripting (ID 176403)

CVE-2024-39484 | Linux Kernel up to 6.1.94/6.6.33/6.9.4 davinci Privilege Escalation

CVE-2024-39570 | Siemens SINEMA Remote Connect Server up to 3.2 VXLAN Configuration command injection (ssa-928781)