CVE-2025-4024 | itsourcecode Placement Management System 1.0 /add_drive.php drive_title sql injection

Inserito da Angelo Barbosa | Apr 27, 2025 | CVE

A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /add_drive.php. The manipulation of the argument drive_title leads to sql injection.

This vulnerability is traded as CVE-2025-4024. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2025-4024 | itsourcecode Placement Management System 1.0 /add_drive.php drive_title sql injection

Post correlati

CVE-2024-10775 | Piotnet Addons For Elementor Plugin up to 2.4.32 on WordPress Post information disclosure

CVE-2024-6894 | RD Station Plugin up to 5.3.2 on WordPress cross site scripting

CVE-2024-7740 | wanglongcn ltcms 1.0.20 API Endpoint /api/test/download url server-side request forgery

CVE-2024-36985 | Splunk Enterprise up to 9.0.9/9.1.4/9.2.1 Splunk_archiver unknown vulnerability (SVD-2024-0705)