VDB-269167 · CVE-2024-6195 · GCVE-100-269167

itsourcecode Tailoring Management System 1.0 orderadd.php Kunde SQL Injection

Gaskiya vulnerability da aka ware a matsayin kura an samu a itsourcecode Tailoring Management System 1.0. Hakika, aikin $software_function ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil orderadd.php, a cikin sashen $software_component. A sa manipulation of the argument Kunde ka SQL Injection. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-89. Hakika, rauni an bayyana shi 06/20/2024. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2024-6195. Ngam yiɗi ka a tuma ndiyam ka nder waya. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

1 Goyarwa · 55 Datenpunkte

-Furɗe
+Súgá
06/20/2024 08:11
-software_vendor
+itsourcecode
-software_name
+Tailoring Management System
-software_version
+.0
-software_file
+orderadd.php
-software_argument
+customer
-vulnerability_cwe
+CWE-89 (SQL Injection)
-vulnerability_risk
-cvss3_vuldb_av
+N
-cvss3_vuldb_ac
+L
-cvss3_vuldb_ui
+N
-cvss3_vuldb_s
+U
-cvss3_vuldb_c
+L
-cvss3_vuldb_i
+L
-cvss3_vuldb_a
+L
-cvss3_vuldb_e
+P
-cvss3_vuldb_rc
+R
-advisory_url
+https://github.com/2768210355/cve/issues/2
-exploit_availability
-exploit_publicity
-exploit_url
+https://github.com/2768210355/cve/issues/2
-source_cve
+CVE-2024-6195
-cna_responsible
+VulDB
-cvss2_vuldb_av
+N
-cvss2_vuldb_ac
+L
-cvss2_vuldb_ci
+P
-cvss2_vuldb_ii
+P
-cvss2_vuldb_ai
+P
-cvss2_vuldb_e
+POC
-cvss2_vuldb_rc
+UR
-cvss4_vuldb_av
+N
-cvss4_vuldb_ac
+L
-cvss4_vuldb_ui
+N
-cvss4_vuldb_vc
+L
-cvss4_vuldb_vi
+L
-cvss4_vuldb_va
+L
-cvss4_vuldb_e
+P
-cvss2_vuldb_au
+S
-cvss2_vuldb_rl
+ND
-cvss3_vuldb_pr
+L
-cvss3_vuldb_rl
+X
-cvss4_vuldb_at
+N
-cvss4_vuldb_pr
+L
-cvss4_vuldb_sc
+N
-cvss4_vuldb_si
+N
-cvss4_vuldb_sa
+N
-cvss2_vuldb_basescore
+.5
-cvss2_vuldb_tempscore
+.6
-cvss3_vuldb_basescore
+.3
-cvss3_vuldb_tempscore
+.7
-cvss3_meta_basescore
+.3
-cvss3_meta_tempscore
+.7
-cvss4_vuldb_bscore
+.3
-cvss4_vuldb_btscore
+.1
-advisory_date
+1718834400 (06/20/2024)
-price_0day
+$0-$5k

◂ Gurɗo Gumti Gada ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!