CVE-2024-12497 | 1000 Projects Attendance Tracking Management System 1.0 check_admin_login.php admin_user_name sql injection

Posted by Angelo Barbosa | Dec 11, 2024 | CVE

A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument admin_user_name leads to sql injection.

This vulnerability is traded as CVE-2024-12497. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12497 | 1000 Projects Attendance Tracking Management System 1.0 check_admin_login.php admin_user_name sql injection

Related Posts

CVE-2024-32575 | Kraftplugins Mega Elements Plugin up to 1.1.9 on WordPress cross site scripting

CVE-2024-44309 | Apple Safari on Intel Cookie cross site scripting

CVE-2024-27990 | The Moneytizer Plugin up to 9.5.20 on WordPress cross site scripting

CVE-2024-53132 | Linux Kernel up to 6.11.9 Privilege Escalation (ed7cd3510d8d/c0403e4ceeca)