CVE-2024-1877 | SourceCodester Employee Management System 1.0 /cancel.php id sql injection

Inserito da Angelo Barbosa | Feb 25, 2024 | CVE

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cancel.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql injection.

This vulnerability is known as CVE-2024-1877. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-1877 | SourceCodester Employee Management System 1.0 /cancel.php id sql injection

Post correlati

CVE-2024-8253 | Post Grid and Gutenberg Blocks Plugin 2.2.87/2.2.88/2.2.89/2.2.90 on WordPress Privilege Escalation

CVE-2024-9472 | Palo Alto Networks Cloud NGFW/PAN-OS/Prisma Access null pointer dereference

CVE-2024-23764 | WithSecure Client Security Local Privilege Escalation

CVE-2022-23179 | Contact Form & Lead Form Elementor Builder Plugin up to 1.6.x on WordPress cross site scripting