CVE-2024-0471 | code-projects Human Resource Integrated System 1.0 dec_service_credits.php date sql injection

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin_route/dec_service_credits.php. The manipulation of the argument date leads to sql injection.

This vulnerability was named CVE-2024-0471. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0471 | code-projects Human Resource Integrated System 1.0 dec_service_credits.php date sql injection

Related Posts

CVE-2024-25224 | Simple Admin Panel App 1.0 Add Size Size Number cross site scripting

CVE-2024-41127 | monkeytypegame monkeytype prior 24.30.0 ./pr_num/pr_num.txt injection (GHSA-wcjf-5464-4wq9)

CVE-2024-6778 | Google Chrome up to 126.0.6478.126 DevTools race condition (ID 341136)

CVE-2024-5734 | itsourcecode Online Discussion Forum 1.0 /members/poster.php image unrestricted upload