CVE-2024-7116 | MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911 /branch_viewmore.php id sql injection

A vulnerability was found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. It has been rated as critical. This issue affects some unknown processing of the file /branch_viewmore.php. The manipulation of the argument id leads to sql injection.

The identification of this vulnerability is CVE-2024-7116. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

CVE-2024-7116 | MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911 /branch_viewmore.php id sql injection

Post correlati

CVE-2024-0999 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi setParentalRules eTime stack-based overflow

CVE-2024-4699 | D-Link DAR-8000-10 up to 20230922 /importhtml.php sql deserialization (SAP10354)

CVE-2024-4449 | Essential Addons for Elementor Plugin up to 5.9.19 on WordPress Widgets cross site scripting

CVE-2024-23507 | InstaWP Connect Plugin up to 0.1.0.9 on WordPress sql injection