CVE-2024-11256 | 1000 Projects Portfolio Management System MCA 1.0 /login.php username sql injection

Posted by Angelo Barbosa | Nov 15, 2024 | CVE

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument username leads to sql injection.

The identification of this vulnerability is CVE-2024-11256. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-11256 | 1000 Projects Portfolio Management System MCA 1.0 /login.php username sql injection

Related Posts

CVE-2023-49795 | MindsDB up to 23.11.4.0 file.py server-side request forgery (GHSA-34mr-6q8x-g9r6)

CVE-2024-42737 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi delBlacklist os command injection

CVE-2024-6787 | Moxa MXview One up to 1.3 toctou

CVE-2022-48662 | Linux Kernel up to 5.15.71/5.19.11/6.0 context_close iteration (713fa3e4591f/f799e0568d6c/d119888b09bd)