CVE-2024-1831 | SourceCodester Complete File Management System 1.0 Login Form users/index.php username sql injection

Posted by Angelo Barbosa | Feb 23, 2024 | CVE

A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Affected is an unknown function of the file users/index.php of the component Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--+- leads to sql injection.

This vulnerability is traded as CVE-2024-1831. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-1831 | SourceCodester Complete File Management System 1.0 Login Form users/index.php username sql injection

Related Posts

CVE-2024-8743 | Bit File Manager Plugin up to 6.5.7 on WordPress JavaScript File unrestricted upload

CVE-2024-8866 | AutoCMS 5.4 /admin/robot.php sidebar cross site scripting (Issue 68)

CVE-2024-29510 | Ghostscript uniprint Device os command injection

CVE-2021-47082 | Linux Kernel up to 4.19.279/5.4.239/5.10.135/5.15.11 tun lib/dump_stack.c tun_free_netdev double free