CVE-2024-0498 | Project Worlds Lawyer Management System 1.0 searchLawyer.php experience sql injection

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the argument experience leads to sql injection.

This vulnerability is known as CVE-2024-0498. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-0498 | Project Worlds Lawyer Management System 1.0 searchLawyer.php experience sql injection

Related Posts

CVE-2024-26303 | HPE ArubaOS-S Switch up to 16.11.0015 SSH Daemon denial of service (ARUBA-PSA-2024-003)

CVE-2023-38367 | IBM Cloud Pak for Automation up to 22.0.2 API improper authentication (XFDB-261130)

CVE-2024-7441 | Vivotek SD9364 VVTK-0103f httpd read Content-Length stack-based overflow

CVE-2024-51258 | DrayTek Vigor 3900 1.5.1.3 mainfunction.cgi doSSLTunnel command injection