SourceCodester Music Gallery Site 1.0 Master.php?f=delete_music ID Enlakaat SQL

Un dizalc'hadenn gwallzarvoud evel kritikel zo bet dizoloet e SourceCodester Music Gallery Site 1.0. Kement-se a denn da ur fonksion dianav eus ar restr /php-music/classes/Master.php?f=delete_music. Ar merdeiñ eus an arguzenn ID a zegas da Enlakaat SQL. Implijout CWE evit menegiñ ar gudenn a gas da CWE-89. Kement-se a zo bet embannet 30/08/2024. An aliadenn a vez kinniget evit pellgargañ war github.com. An dizurzh-mañ a vez anavezet evel CVE-2024-8336. Emañ ar galloud da lakaat an dagadenn da sevel a-bell. Titouroù teknikel a zo da gaout. Atav, ur mod da implijout an dra-se a zo. An diskoulm zo bet roet da c'houzout d'an holl ha gallout a reer e implij. Bremañ emañ priz an exploit might be approx. USD $0-$5k war an amzer-mañ. Lavaret eo ez eo test-kas ouzhpenn. Gallout a rit pellgargañ an exploit war github.com. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

7 Daskemmoù · 100 Poentoù roadennoù

MaezHizivadur 2/6
30/08/2024 09:06		Hizivadur 3/6
30/08/2024 09:09		Hizivadur 4/6
31/08/2024 15:10		Hizivadur 5/6
04/09/2024 04:38		Hizivadur 6/6
05/09/2024 03:44
software_vendorSourceCodesterSourceCodesterSourceCodesterSourceCodesterSourceCodester
software_nameMusic Gallery SiteMusic Gallery SiteMusic Gallery SiteMusic Gallery SiteMusic Gallery Site
software_version1.01.01.01.01.0
software_file/php-music/classes/Master.php?f=delete_music/php-music/classes/Master.php?f=delete_music/php-music/classes/Master.php?f=delete_music/php-music/classes/Master.php?f=delete_music/php-music/classes/Master.php?f=delete_music
software_argumentididididid
vulnerability_cweCWE-89 (Enlakaat SQL)CWE-89 (Enlakaat SQL)CWE-89 (Enlakaat SQL)CWE-89 (Enlakaat SQL)CWE-89 (Enlakaat SQL)
vulnerability_risk22222
cvss3_vuldb_avNNNNN
cvss3_vuldb_acLLLLL
cvss3_vuldb_uiNNNNN
cvss3_vuldb_sUUUUU
cvss3_vuldb_cLLLLL
cvss3_vuldb_iLLLLL
cvss3_vuldb_aLLLLL
cvss3_vuldb_ePPPPP
cvss3_vuldb_rcRRRRR
advisory_urlhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.md
exploit_availability11111
exploit_publicity11111
exploit_urlhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.mdhttps://github.com/LiuHaoBin6/cve/blob/main/sql5.md
source_cveCVE-2024-8336CVE-2024-8336CVE-2024-8336CVE-2024-8336CVE-2024-8336
cna_responsibleVulDBVulDBVulDBVulDBVulDB
software_typePhoto Gallery SoftwarePhoto Gallery SoftwarePhoto Gallery SoftwarePhoto Gallery SoftwarePhoto Gallery Software
cvss2_vuldb_avNNNNN
cvss2_vuldb_acLLLLL
cvss2_vuldb_ciPPPPP
cvss2_vuldb_iiPPPPP
cvss2_vuldb_aiPPPPP
cvss2_vuldb_ePOCPOCPOCPOCPOC
cvss2_vuldb_rcURURURURUR
cvss4_vuldb_avNNNNN
cvss4_vuldb_acLLLLL
cvss4_vuldb_uiNNNNN
cvss4_vuldb_vcLLLLL
cvss4_vuldb_viLLLLL
cvss4_vuldb_vaLLLLL
cvss4_vuldb_ePPPPP
cvss2_vuldb_auSSSSS
cvss2_vuldb_rlNDNDNDNDND
cvss3_vuldb_prLLLLL
cvss3_vuldb_rlXXXXX
cvss4_vuldb_atNNNNN
cvss4_vuldb_prLLLLL
cvss4_vuldb_scNNNNN
cvss4_vuldb_siNNNNN
cvss4_vuldb_saNNNNN
cvss2_vuldb_basescore6.56.56.56.56.5
cvss2_vuldb_tempscore5.65.65.65.65.6
cvss3_vuldb_basescore6.36.36.36.36.3
cvss3_vuldb_tempscore5.75.75.75.75.7
cvss3_meta_basescore6.38.17.57.57.5
cvss3_meta_tempscore5.77.67.27.27.8
cvss4_vuldb_bscore5.35.35.35.35.3
cvss4_vuldb_btscore2.12.12.12.12.1
advisory_date1724968800 (30/08/2024)1724968800 (30/08/2024)1724968800 (30/08/2024)1724968800 (30/08/2024)1724968800 (30/08/2024)
price_0day$0-$5k$0-$5k$0-$5k$0-$5k$0-$5k
cvss3_researcher_acLLLLL
cvss3_researcher_iHHHHH
cvss3_researcher_sCCCCC
cvss3_researcher_cHHHHH
cvss3_researcher_avNNNNN
cvss3_researcher_prNNNNN
cvss3_researcher_rlXXXXX
cvss3_researcher_rcRRRRR
cvss3_researcher_aHHHHH
cvss3_researcher_uiNNNNN
cvss3_researcher_eXXXXX
cvss3_researcher_basescore10.010.010.010.0
cve_nvd_summaryA vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. Affected by this vulnerability is an unknown functionality of the file /php-music/classes/Master.php?f=delete_music. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. Affected by this vulnerability is an unknown functionality of the file /php-music/classes/Master.php?f=delete_music. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. Affected by this vulnerability is an unknown functionality of the file /php-music/classes/Master.php?f=delete_music. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
cvss3_cna_avNNN
cvss3_cna_acLLL
cvss3_cna_prLLL
cvss3_cna_uiNNN
cvss3_cna_sUUU
cvss3_cna_cLLL
cvss3_cna_iLLL
cvss3_cna_aLLL
cvss3_cna_basescore6.36.36.3
cvss2_cna_avNNN
cvss2_cna_acLLL
cvss2_cna_auSSS
cvss2_cna_ciPPP
cvss2_cna_iiPPP
cvss2_cna_aiPPP
cvss2_cna_basescore6.56.56.5
cve_nvd_summaryesSe ha encontrado una vulnerabilidad clasificada como crítica en SourceCodester Music Gallery Site 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /php-music/classes/Master.php?f=delete_music. La manipulación del argumento id conduce a una inyección SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho público y puede utilizarse.Se ha encontrado una vulnerabilidad clasificada como crítica en SourceCodester Music Gallery Site 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /php-music/classes/Master.php?f=delete_music. La manipulación del argumento id conduce a una inyección SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho público y puede utilizarse.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss3_nvd_basescore9.8

DistreiñAlc'hwezerezhKenderc'hel

Do you need the next level of professionalism?

Upgrade your account now!