CVE-2024-6417 | SourceCodester Simple Online Bidding System 1.0 ajax.php id sql injection

Posted by Angelo Barbosa | Jun 30, 2024 | CVE

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_user. The manipulation of the argument id leads to sql injection.

This vulnerability is handled as CVE-2024-6417. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-6417 | SourceCodester Simple Online Bidding System 1.0 ajax.php id sql injection

Related Posts

CVE-2023-47853 | myCred Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin cross site scripting

CVE-2024-34743 | Google Android 14 SurfaceFlinger.cpp setTransactionState state issue

CVE-2024-3431 | EyouCMS 1.6.5 Backend login.php channel_id deserialization

CVE-2023-4509 | Octopus Server prior 2023.4.296/2024.1.437/2024.2.101 API Key log file