CVE-2024-28595 | Employee Management System 1.0 update-admin.php admin_id sql injection

Posted by Angelo Barbosa | Mar 19, 2024 | CVE

A vulnerability was found in Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection.

This vulnerability is known as CVE-2024-28595. The attack can be launched remotely. There is no exploit available.

CVE-2024-28595 | Employee Management System 1.0 update-admin.php admin_id sql injection

Related Posts

CVE-2020-36826 | AwesomestCode LiveBot prior 0.1 js/parseMessage.js parseSend cross site scripting

CVE-2024-43134 | xootix Waitlist Woocommerce Plugin up to 2.6 on WordPress authorization

CVE-2024-24061 | springboot-manager 1.6 /sysContent/add cross site scripting

CVE-2021-47206 | Linux Kernel up to 5.15.4 platform_get_resource return value