CVE-2024-12946 | 1000 Projects Attendance Tracking Management System 1.0 /admin/admin_action.php admin_user_name sql injection

Posted by Angelo Barbosa | Dec 25, 2024 | CVE

A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0. This issue affects some unknown processing of the file /admin/admin_action.php. The manipulation of the argument admin_user_name leads to sql injection.

The identification of this vulnerability is CVE-2024-12946. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-12946 | 1000 Projects Attendance Tracking Management System 1.0 /admin/admin_action.php admin_user_name sql injection

Related Posts

CVE-2024-2791 | Metform Elementor Contact Form Builder Plugin up to 3.8.5 on WordPress Widgets cross site scripting

CVE-2024-45812 | vitejs Vite up to 3.2.10/4.5.4/5.2.13/5.3.5/5.4.5 cross site scripting (GHSA-64vr-g452-qvp3)

CVE-2024-5212 | tagDiv Composer Plugin up to 5.0 on WordPress envato_code[] cross site scripting

CVE-2024-29419 | Totolink X2000R prior 1.0.0-B20231213.1013 Easy Setup Page cross site scripting