CVE-2024-10337 | SourceCodeHero Clothes Recommendation System 1.0 /admin/home.php?con=add cat/subcat/ t1/t2/text sql injection

Posted by Angelo Barbosa | Oct 24, 2024 | CVE

A vulnerability classified as critical has been found in SourceCodeHero Clothes Recommendation System 1.0. Affected is an unknown function of the file /admin/home.php?con=add. The manipulation of the argument cat/subcat/ t1/t2/text leads to sql injection.

This vulnerability is traded as CVE-2024-10337. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-10337 | SourceCodeHero Clothes Recommendation System 1.0 /admin/home.php?con=add cat/subcat/ t1/t2/text sql injection

Related Posts

CVE-2023-50852 | StylemixThemes Booking Calendar Plugin up to 2.4.3 on WordPress sql injection

CVE-2024-21862 | Intel Quartus Prime Standard Edition Design Software prior 23.1 uncontrolled search path (intel-sa-01055)

CVE-2024-24377 | idocv 14.1.3_20231228 information disclosure

CVE-2024-23580 | HCL DRYiCE Optibot Reset Station 1.0/2.0 One-Time Password encrypted inadequate encryption (KB0113496)