CVE-2024-13005 | 1000 Projects Attendance Tracking Management System 1.0 attendance_action.php attendance_id sql injection

Posted by Angelo Barbosa | Dec 28, 2024 | CVE

A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/attendance_action.php. The manipulation of the argument attendance_id leads to sql injection.

This vulnerability was named CVE-2024-13005. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-13005 | 1000 Projects Attendance Tracking Management System 1.0 attendance_action.php attendance_id sql injection

Related Posts

CVE-2024-36468 | Zabbix up to 7.0.2rc1 Proxy zbx_snmp_cache_handle_engineid stack-based overflow

CVE-2024-12425 | Document Foundation LibreOffice up to 24.8.3 path traversal

CVE-2024-45513 | Zimbra Collaboration Suite up to 10.1 Webmail /modern/contacts/print cross site scripting

CVE-2024-36048 | Qt prior 5.15.17/6.2.13/6.5.6/6.7.1 QAbstractOAuth guessable prng seed