CVE-2024-8564 | SourceCodester PHP CRUD 1.0 /endpoint/update.php tbl_person_id/first_name/middle_name/last_name sql injection

Posted by Angelo Barbosa | Sep 6, 2024 | CVE

A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update.php. The manipulation of the argument tbl_person_id/first_name/middle_name/last_name leads to sql injection.

This vulnerability was named CVE-2024-8564. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-8564 | SourceCodester PHP CRUD 1.0 /endpoint/update.php tbl_person_id/first_name/middle_name/last_name sql injection

Related Posts

CVE-2024-38678 | Calendar.online Plugin/Kalender.digital Plugin up to 1.0.8 on WordPress cross site scripting

CVE-2024-37734 | OpenEMR 7.0.2 POST Request noteid Privilege Escalation

CVE-2024-6811 | IrfanView WSQ File Parser out-of-bounds write

CVE-2024-25123 | Open-MSS up to 8.3.2 index.py filename path traversal (GHSA-pf2h-qjcr-qvq2)