CVE-2024-5098 | SourceCodester Simple Inventory System 1.0 login.php username sql injection

Inserito da Angelo Barbosa | Mag 18, 2024 | CVE

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection.

This vulnerability is known as CVE-2024-5098. Access to the local network is required for this attack. Furthermore, there is an exploit available.

CVE-2024-5098 | SourceCodester Simple Inventory System 1.0 login.php username sql injection

Post correlati

CVE-2024-1508 | Prime Slider Plugin up to 3.13.2 on WordPress Mercury Widget cross site scripting

CVE-2023-7203 | Smart Forms Plugin up to 2.6.86 on WordPress AJAX Action cross-site request forgery

CVE-2023-52117 | Metagauss ProfileGrid Plugin up to 5.6.6 on WordPress authorization

CVE-2023-6845 | CommentTweets Plugin up to 0.6 on WordPress cross-site request forgery