CVE-2024-1826 | code-projects Library System 1.0 login.php username/password sql injection

Posted by Angelo Barbosa | Feb 23, 2024 | CVE

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection.

This vulnerability was named CVE-2024-1826. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-1826 | code-projects Library System 1.0 login.php username/password sql injection

Related Posts

CVE-2023-41705 | Open-Xchange OX App Suite up to 7.6.3-rev71/7.10.6-rev55/8.20 DAV User-Agent String resource consumption

CVE-2023-51770 | Apache DolphinScheduler up to 3.2.0 code injection

CVE-2024-31459 | Cacti up to 1.2.26 lib/plugin.php api_plugin_hook filename control

CVE-2024-39907 | 1Panel 1.10.9-tls/1.10.10-tls/1.10.11-tls sql injection (GHSA-5grx-v727-qmq6)