Project Worlds Life Insurance Management System 1.0 /editPayment.php recipt_no SQL Injection

Wuro vulnerability wey an yi classify sey kura an gano shi a cikin Project Worlds Life Insurance Management System 1.0. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, /editPayment.php na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument recipt_no shi SQL Injection. CWE shidin ka a yi bayani matsala sai ya kai CWE-89. Gaskiya, laifi an fitar da shi 11/02/2024. Advisory ɗin ana rabawa don saukewa a github.com. Wannan rauni ana sayar da shi da suna CVE-2024-10734. Ngam yiɗi ka a tuma ndiyam ka nder waya. Tekinikal bayani ga. Kuma, exploit ɗin yana akwai. Wuro exploit ɗin an bayyana shi ga jama'a kuma za a iya amfani da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á wúro huɗɗi-na-gaskiya. Wona yiwuwa a zazzage exploit a github.com. Kama 0-day, an ndiyam a wuro be $0-$5k. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Waktin goyi

Màdùmga

VulDB Mod Team87

Furɗe

cvss3_meta_tempscore2
cve_nvd_summaryes1
cvss2_cna_basescore1
cvss2_cna_ai1
cvss2_cna_ii1

Commit Conf

99%30
90%29
50%12
80%8
70%7

Approve Conf

99%30
90%29
80%27
100%1

87 Kari

IDSandaMàdùmgaFurɗeGargajiyaGargaGargajiyaJawanC
1812044611/04/2024
 VulDB…		cve_nvd_summaryesSe ha encontrado una vulnerabilidad en Project Worlds Life Insurance Management System 1.0. Se ha clasificado como crítica. Afecta a una parte desconocida del archivo /editPayment.php. La manipulación del argumento recipt_no provoca una inyección SQL. Es posible iniciar el ataque de forma remota. El exploit se ha hecho público y puede utilizarse.cve.org11/04/2024shingilam
99
1811299911/03/2024
 VulDB…		cvss3_meta_tempscore6.0see CVSS documentation11/03/2024shingilam
80
1811299811/03/2024
 VulDB…		cvss2_cna_basescore6.5see CVSS documentation11/03/2024shingilam
99
1811299711/03/2024
 VulDB…		cvss2_cna_aiPsee CVSS documentation11/03/2024shingilam
99
1811299611/03/2024
 VulDB…		cvss2_cna_iiPsee CVSS documentation11/03/2024shingilam
99
1811299511/03/2024
 VulDB…		cvss2_cna_ciPsee CVSS documentation11/03/2024shingilam
99
1811299411/03/2024
 VulDB…		cvss2_cna_auSsee CVSS documentation11/03/2024shingilam
99
1811299311/03/2024
 VulDB…		cvss2_cna_acLsee CVSS documentation11/03/2024shingilam
99
1811299211/03/2024
 VulDB…		cvss2_cna_avNsee CVSS documentation11/03/2024shingilam
99
1811299111/03/2024
 VulDB…		cvss3_cna_basescore6.3see CVSS documentation11/03/2024shingilam
99
1811299011/03/2024
 VulDB…		cvss3_cna_aLsee CVSS documentation11/03/2024shingilam
99
1811298911/03/2024
 VulDB…		cvss3_cna_iLsee CVSS documentation11/03/2024shingilam
99
1811298811/03/2024
 VulDB…		cvss3_cna_cLsee CVSS documentation11/03/2024shingilam
99
1811298711/03/2024
 VulDB…		cvss3_cna_sUsee CVSS documentation11/03/2024shingilam
99
1811298611/03/2024
 VulDB…		cvss3_cna_uiNsee CVSS documentation11/03/2024shingilam
99
1811298511/03/2024
 VulDB…		cvss3_cna_prLsee CVSS documentation11/03/2024shingilam
99
1811298411/03/2024
 VulDB…		cvss3_cna_acLsee CVSS documentation11/03/2024shingilam
99
1811298311/03/2024
 VulDB…		cvss3_cna_avNsee CVSS documentation11/03/2024shingilam
99
1811298211/03/2024
 VulDB…		cvss4_cna_bscore5.3see CVSS documentation11/03/2024shingilam
99
1811298111/03/2024
 VulDB…		cvss4_cna_saNsee CVSS documentation11/03/2024shingilam
99

67 kala giteji ba a nunu fi.

🔒 Login Required

You need to signup and login to see more of the remaining 67 results.

GurɗoGumtiGada

Want to stay up to date on a daily basis?

Enable the mail alert feature now!