CVE-2024-8347 | SourceCodester Computer Laboratory Management System 1.0 Master.php delete_record id sql injection

Inserito da Angelo Barbosa | Ago 30, 2024 | CVE

A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-8347. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-8347 | SourceCodester Computer Laboratory Management System 1.0 Master.php delete_record id sql injection

Post correlati

CVE-2024-51019 | Netgear R7000P 1.3.3.154 POST Request pppoe.cgi pppoe_localnetmask stack-based overflow

CVE-2024-28870 | OISF Suricata up to 6.0.16/7.0.3 SSH Banner Parser allocation of resources (GHSA-mhhx-xw7r-r5c8)

CVE-2023-51133 | Totolink X2000R Gh 1.0.0-B20230221.0948.web formRoute stack-based overflow

CVE-2024-7179 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setParentalRules startTime/endTime buffer overflow