CVE-2024-5896 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php save_users id sql injection

Posted by Angelo Barbosa | Jun 12, 2024 | CVE

A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-5896. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-5896 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php save_users id sql injection

Related Posts

CVE-2023-45859 | Hazelcast on Hazelcast Client Protocol permissions

CVE-2024-47966 | Delta Electronics CNCSoft-G2 2.1.0.10 uninitialized variable (icsa-24-284-21)

CVE-2024-43692 | Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE Resource Sub Page authentication bypass (icsa-24-268-04)

CVE-2023-52906 | Linux Kernel up to 5.4.228/5.10.163/5.15.88/6.1.6 lib/nlattr.c nla_get_range_unsigned data authenticity