exploitDog

CVE-2024-28556

Опубликовано: 15 апр. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.

Ссылки

https://github.com/xuanluansec/vul/blob/main/vul/1/README.md
Exploit
Third Party Advisory
https://github.com/xuanluansec/vul/issues/1
Exploit
Third Party Advisory
https://github.com/xuanluansec/vul/blob/main/vul/1/README.md
Exploit
Third Party Advisory
https://github.com/xuanluansec/vul/issues/1
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mayurik:php_task_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04386

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-wqhj-p438-8c8f

CVSS3: 9.8

github

почти 2 года назад

SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.

EPSS

Процентиль: 89%

0.04386

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89