CVE-2024-8561 | SourceCodester PHP CRUD 1.0 Delete Person /endpoint/delete.php person sql injection

Inserito da Angelo Barbosa | Set 6, 2024 | CVE

A vulnerability has been found in SourceCodester PHP CRUD 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete.php of the component Delete Person Handler. The manipulation of the argument person leads to sql injection.

This vulnerability is known as CVE-2024-8561. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-8561 | SourceCodester PHP CRUD 1.0 Delete Person /endpoint/delete.php person sql injection

Post correlati

CVE-2024-27101 | authzed spicedb up to 1.29.1 integer overflow (GHSA-h3m7-rqc4-7h9p)

CVE-2024-6687 | CTT Expresso para WooCommerce Plugin up to 3.2.12 on WordPress file information disclosure

CVE-2023-5770 | Proofpoint Enterprise Protection up to 8.18.6/8.20.0/8.20.2 Email Subject inappropriate encoding for output context

CVE-2024-52023 | Netgear XR300/R6400/R7000P HTTP POST Request pppoe2.cgi pppoe_localip stack-based overflow