CVE-2024-7366 : SOURCECODESTER TRACKING MONITORING MANAGEMENT SYSTEM 1.0 LOGIN /AJAX.PHP USERNAME SQL INJECTION

Description

A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=login of the component Login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273345 was assigned to this vulnerability.

References

VDB-273345 | SourceCodester Tracking Monitoring Management System Login ajax.php sql injection

VDB-273345 | CTI Indicators (IOB, IOC, TTP, IOA)

SourceCodester Tracking/Monitoring Management System 1.0 SQL Injection

https://gist.github.com/topsky979/c0efd2f3e6e146eb9e110e5e63cb5fbb

For More Information

CVERecord

Contact us to get started

CVE-2024-20418 : CISCO IOS XE CONTROLLER WEB-BASED MANAGEMENT INTERFACE COMMAND INJECTION

Description A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB)

Learn more

CVE-2024-20536 : CISCO DATA CENTER NETWORK MANAGER 12.1.2E/12.1.2P/12.1.3B WEB-BASED MANAGEMENT INTERFACE/REST API ENDPOINT SQL INJECTION

Description A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could

Learn more

CVE-2024-50340 : SYMFONY INJECTION

Description symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the

Learn more