CVE-2024-1832 | SourceCodester Complete File Management System 1.0 Admin Login Form /admin/ username sql injection

Inserito da Angelo Barbosa | Feb 23, 2024 | CVE

A vulnerability has been found in SourceCodester Complete File Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ of the component Admin Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--+- leads to sql injection.

This vulnerability is known as CVE-2024-1832. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-1832 | SourceCodester Complete File Management System 1.0 Admin Login Form /admin/ username sql injection

Post correlati

CVE-2024-42850 | Silverpeas up to 6.4.2 Password Change weak password

CVE-2024-33656 | AMI AptioV up to 5.36 DXE Module privileges management

CVE-2024-6367 | LabVantage LIMS 2017 POST Request sdcid/keyid1/keyid2/keyid3 cross site scripting

CVE-2024-34075 | xiboon kurwov up to 3.2.4 MarkovData#getNext deserialization