VDB-281760 · CVE-2024-10368 · GCVE-100-281760

Codezips Sales Management System 1.0 /addstock.php prodtype SQL Injection

Mbote ya kalaDifferenceskumanga hamwejsonxmlCTI

CVSS Meta Temp Score	Nsengo ya exploit ya lelo (≈)	CTI Ntangu ya mfunu
6.9	$0-$5k	0.00

Kinsantunsangu

Bikuma kele ti ya nkaka me mona mu Codezips Sales Management System 1.0. Bila mambu meyina mpila kisalu kayina kumanyikana ya file /addstock.php. Bila kusala ya argument prodtype me natisa SQL Injection. Kikosa yai me zaba bonso CVE-2024-10368. Kuna luyalu ya ku sala ataaka na nsinga. Na yina, exploit kele. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Bisalunsangu

Bikuma kele ti ya nkaka me mona mu Codezips Sales Management System 1.0. Bila mambu meyina mpila kisalu kayina kumanyikana ya file /addstock.php. Bila kusala ya argument prodtype me natisa SQL Injection. Kusala nde CWE yina tubaka mpasi kele na CWE-89. Nsangu ya bulema yawu zabisamaka. Nsangu ya kulanga me sambu na downloadi na github.com.

Kikosa yai me zaba bonso CVE-2024-10368. Kuna luyalu ya ku sala ataaka na nsinga. Makambu ya tekiniki me zala. Nswa yai kele na kutemwa ya nse ya ya mosi. Na yina, exploit kele. Kusadila kwawu kwazwisisamene na bantu bonso mpi lenda salama na bantu. Ntangu yai, ntalu ya exploit ekoki kozala pene na USD $0-$5k.

Ke luyalu ya ku zinga exploit na github.com.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Mpiodinsangu

Mubikisi

Codezips

Dzina

Sales Management System

Nsomi

CPE 2.3nsangu

🔍

CPE 2.2nsangu

🔍

CVSSv4nsangu

VulDB Nsinga: 🔍
VulDB Kukwama: 🔍

CNA CVSS-B Score: 🔍
CNA CVSS-BT Score: 🔍
CNA Nsinga: 🔍

CVSSv3nsangu

VulDB Meta Base Score: 7.3
VulDB Meta Temp Score: 6.9

VulDB Nsinga ya ntete: 7.3
VulDB Nsangu ya ntangu: 6.6
VulDB Nsinga: 🔍
VulDB Kukwama: 🔍

CNA Nsinga ya ntete: 7.3
CNA Nsinga: 🔍

CVSSv2nsangu

AV	AC	Au	C	I	A
💳	💳	💳	💳	💳	💳
💳	💳	💳	💳	💳	💳
💳	💳	💳	💳	💳	💳

Vɛkɛtɛr	Kompɛlɛksite	Kukanga ya kimvuka	Kibombama	Kumweneka ya kieleka	Kupusana
kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga
kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga
kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga

VulDB Nsinga ya ntete: 🔍
VulDB Nsangu ya ntangu: 🔍
VulDB Kukwama: 🔍

Kusangulansangu

Kilasi: SQL Injection
CWE: CWE-89 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍

Ya nitu: Veve
Ya mboka: Veve
Ya kutali: Ee

Kupusana: 🔍
Mokano: Ya pole
Bika: Lufutuka ya lufutuka
Kokanga: 🔍
Google Hack: 🔍

EPSS Score: 🔍
EPSS Percentile: 🔍

Ntangu ya mbongo: 🔍
Nsadisi ya ntalu ya lelo: 🔍

0-Day	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga
Lelo	kusala nsinga	kusala nsinga	kusala nsinga	kusala nsinga

Nsangu ya Minyokansangu

Mfunu: 🔍
Batu bazali na misala: 🔍
Bampangi ya APT bazali na misala ya ntango nyonso: 🔍

Bikesa ya kulwisansangu

Tombwisa: ka lusansu luyindwanga
Bika: 🔍

Tango ya 0-Day: 🔍

Nsango ya ntangunsangu

10/24/2024 🔍
10/24/2024 +0 Bila 🔍
10/25/2024 +1 Bila 🔍

Minsinsansangu

Tiyano: github.com
Bika: Kabikidi ko

CVE: CVE-2024-10368 (🔍)
GCVE (CVE): GCVE-0-2024-10368
GCVE (VulDB): GCVE-100-281760
scip Labs: https://www.scip.ch/en/?labs.20161013

Kusonikansangu

Kusala: 10/24/2024 21:49
Kusala kisalu kipya: 10/25/2024 13:21
Bisalu: 10/24/2024 21:49 (55), 10/25/2024 07:29 (30), 10/25/2024 13:21 (1)
Keleka nyonso: 🔍
Mutumisi: XU RONGDA
Cache ID: 253:365:103

Tumelansangu

Kabulami

Tumela #430114: Codezips Sales Management System In PHP With Source Code V1.0 SQL Injection (kuva XU RONGDA)

Diskwisyon

Ata beto na ndinga. Minu dia: kg + ln + en.

Benga na kati na site mpo na kokoka kosala ndakisa.

◂ Kubutuka Lutalu Ya Mambu Kende na ntwala ▸

Might our Artificial Intelligence support you?

Check our Alexa App!