CVE-2024-9008 | SourceCodester Best Online News Portal 1.0 Comment Section /news-details.php name sql injection

Posted by Angelo Barbosa | Sep 19, 2024 | CVE

A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. This vulnerability affects unknown code of the file /news-details.php of the component Comment Section. The manipulation of the argument name leads to sql injection.

This vulnerability was named CVE-2024-9008. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-9008 | SourceCodester Best Online News Portal 1.0 Comment Section /news-details.php name sql injection

Related Posts

CVE-2024-31224 | binary-husky GPT Academic up to 3.73 deserialization

CVE-2024-5428 | SourceCodester Simple Online Bidding System 1.0 HTTP POST Request index.php save_product cross-site request forgery

CVE-2023-45724 | HCL DRYiCE MyXalytics 5.9/6.0/6.1 improper authentication (KB0109608)

CVE-2024-24475 | QEMU up to 8.1.x contrib/elf2dmp/pdb.c pdb_get_file_size(const data authenticity