CVE-2024-13005 | 1000 Projects Attendance Tracking Management System 1.0 attendance_action.php attendance_id sql injection

Posted by Angelo Barbosa | Dec 28, 2024 | CVE

A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/attendance_action.php. The manipulation of the argument attendance_id leads to sql injection.

This vulnerability was named CVE-2024-13005. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-13005 | 1000 Projects Attendance Tracking Management System 1.0 attendance_action.php attendance_id sql injection

Related Posts

CVE-2023-7177 | Campcodes Online College Library System 1.0 HTTP POST Request /admin/book_add.php category sql injection

CVE-2024-43406 | LF-Edge ekuiper up to 1.14.1 sql injection (GHSA-r5ph-4jxm-6j9p)

CVE-2024-1146 | Devklan Alma Blog up to 2.1.10 Community Description/Community Rules cross site scripting

CVE-2024-47358 | Popup Maker Plugin up to 1.19.2 on WordPress authorization