CVE-2024-0471 | code-projects Human Resource Integrated System 1.0 dec_service_credits.php date sql injection

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin_route/dec_service_credits.php. The manipulation of the argument date leads to sql injection.

This vulnerability was named CVE-2024-0471. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0471 | code-projects Human Resource Integrated System 1.0 dec_service_credits.php date sql injection

Related Posts

CVE-2024-4083 | Easy Restaurant Table Booking Plugin up to 1.0.0 on WordPress cross-site request forgery

CVE-2024-22390 | Intel FPGA Products prior 2.9.1 denial of service (intel-sa-01050)

CVE-2023-40056 | SolarWinds Platform up to 2023.4.1 sql injection

CVE-2024-37681 | Shanxi Internet Chuangxiang Technology Background Management System 1.0.1 index.html denial of service