exploitDog

CVE-2024-51030

Опубликовано: 08 нояб. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading to unauthorized access and potential compromise of sensitive data within the database.

Ссылки

https://github.com/vighneshnair7/CVE-2024-51030
Third Party Advisory
https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:cab_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05778

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-g5x8-hfc7-9rv7

CVSS3: 6.5

github

около 1 года назад

A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading to unauthorized access and potential compromise of sensitive data within the database.

EPSS

Процентиль: 90%

0.05778

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

CWE-89