CVE-2024-8380 : SOURCECODESTER CONTACT MANAGER WITH EXPORT TO VCF 1.0 DELETE CONTACT DELETE-ACCOUNT.PHP CONTACT SQL INJECTION

Description

A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php of the component Delete Contact Handler. The manipulation of the argument contact leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

References

VDB-276353 | SourceCodester Contact Manager with Export to VCF Delete Contact delete-account.php sql injection

VDB-276353 | CTI Indicators (IOB, IOC, TTP, IOA)

SourceCodester Contact Manager with Export to VCF 1.0 SQL Injection

https://github.com/jadu101/CVE/blob/main/SourceCodester_Contact_Manager_delete_contact_sqli.md

https://www.sourcecodester.com/

For More Information

CVERecord

Contact us to get started

CVE-2024-8887 : CIRCUTOR Q-SMT 1.0.4 IMPROPER VALIDATION OF SPECIFIED QUANTITY IN INPUT

Description CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an

Learn more

CVE-2024-8762 : CODE-PROJECTS CRUD OPERATION SYSTEM 1.0 /UPDATEDATA.PHP SID SQL INJECTION

Description A vulnerability was found in code-projects Crud Operation System 1.0. It has been classified as critical. This affects an

Learn more

CVE-2024-34334 : ORDAT FOSS-ONLINE UP TO 2.24.00 FORGOT PASSWORD SQL INJECTION

Description ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. References https://mind-bytes.de/sql-injection-in-foss-online-cve-2024-34334/

Learn more