SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php?f=save save_users ID SQL Injection
| CVSS Meta Temp Score | Nsengo ya exploit ya lelo (≈) | CTI Ntangu ya mfunu |
|---|---|---|
| 8.1 | $0-$5k | 0.00 |
Kinsantu
Bikuma kele ti ya nkaka me mona mu SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Bila mambu meyina mpila kisalu save_users ya file /classes/Users.php?f=save. Bila kusala ya argument ID me natisa SQL Injection.
Kikosa yai me zaba bonso CVE-2024-5896. Kuna luyalu ya ku sala ataaka na nsinga. Na yina, exploit kele.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Bisalu
Bikuma kele ti ya nkaka me mona mu SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Bila mambu meyina mpila kisalu save_users ya file /classes/Users.php?f=save. Bila kusala ya argument ID me natisa SQL Injection. Kusala nde CWE yina tubaka mpasi kele na CWE-89. Nsangu ya bulema yawu zabisamaka. Nsangu ya kulanga me sambu na downloadi na github.com.
Kikosa yai me zaba bonso CVE-2024-5896. Kuna luyalu ya ku sala ataaka na nsinga. Makambu ya tekiniki me zala. Nswa yai kele na kutemwa ya nse ya ya mosi. Na yina, exploit kele. Kusadila kwawu kwazwisisamene na bantu bonso mpi lenda salama na bantu. Ntangu yai, ntalu ya exploit ekoki kozala pene na USD $0-$5k.
Ke luyalu ya ku zinga exploit na github.com.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Mpiodi
Mubikisi
Dzina
Nsomi
Lisansi
Nseke ya Internet
- Mubikisi: https://www.sourcecodester.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Nsinga: 🔍VulDB Kukwama: 🔍
CVSSv3
VulDB Meta Base Score: 8.3VulDB Meta Temp Score: 8.1
VulDB Nsinga ya ntete: 7.3
VulDB Nsangu ya ntangu: 6.6
VulDB Nsinga: 🔍
VulDB Kukwama: 🔍
Muntu Nsinga ya ntete: 9.0
Muntu Nsinga: 🔍
NVD Nsinga ya ntete: 9.8
NVD Nsinga: 🔍
CNA Nsinga ya ntete: 7.3
CNA Nsinga: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vɛkɛtɛr | Kompɛlɛksite | Kukanga ya kimvuka | Kibombama | Kumweneka ya kieleka | Kupusana |
|---|---|---|---|---|---|
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
VulDB Nsinga ya ntete: 🔍
VulDB Nsangu ya ntangu: 🔍
VulDB Kukwama: 🔍
Kusangula
Kilasi: SQL InjectionCWE: CWE-89 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍
Ya nitu: Veve
Ya mboka: Veve
Ya kutali: Ee
Kupusana: 🔍
Mokano: Ya pole
Bika: Lufutuka ya lufutuka
Kokanga: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Ntangu ya mbongo: 🔍
Nsadisi ya ntalu ya lelo: 🔍
| 0-Day | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
|---|---|---|---|---|
| Lelo | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
Nsangu ya Minyoka
Mfunu: 🔍Batu bazali na misala: 🔍
Bampangi ya APT bazali na misala ya ntango nyonso: 🔍
Bikesa ya kulwisa
Tombwisa: ka lusansu luyindwangaBika: 🔍
Tango ya 0-Day: 🔍
Nsango ya ntangu
06/12/2024 🔍06/12/2024 🔍
08/23/2024 🔍
Minsinsa
Mubikisi: sourcecodester.comTiyano: github.com
Bika: Kabikidi ko
CVE: CVE-2024-5896 (🔍)
GCVE (CVE): GCVE-0-2024-5896
GCVE (VulDB): GCVE-100-268140
scip Labs: https://www.scip.ch/en/?labs.20161013
Kusonika
Kusala: 06/12/2024 11:04Kusala kisalu kipya: 08/23/2024 18:48
Bisalu: 06/12/2024 11:04 (56), 06/12/2024 11:54 (11), 06/12/2024 11:57 (3), 06/12/2024 13:23 (12), 06/13/2024 20:31 (20), 08/23/2024 18:48 (12)
Keleka nyonso: 🔍
Mutumisi: Hefei-Coffee
Musanola: Hefei-Coffee
Cache ID: 253:C5F:103
Tumela
Kabulami
- Tumela #354925: sourcecodester Employee and Visitor Gate Pass Logging System v1.0 L injection (kuva Hefei-Coffee)
Ata beto na ndinga. Minu dia: kg + ln + en.
Benga na kati na site mpo na kokoka kosala ndakisa.