A vulnerability classified as critical has been found in CodeAstro Real Estate Management System up to 1.0. This affects an unknown part of the file propertydetail.php. The manipulation of the argument pid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250713 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://drive.google.com/drive/folders/1U2nirIi6OtuCi-vrD2-VHyJbsHK5yA7t?usp=sharing | Exploit |
https://vuldb.com/?ctiid.250713 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.250713 | Third Party Advisory |
Configurations
History
22 Jan 2024, 20:44
Type | Values Removed | Values Added |
---|---|---|
References | () https://drive.google.com/drive/folders/1U2nirIi6OtuCi-vrD2-VHyJbsHK5yA7t?usp=sharing - Exploit | |
References | () https://vuldb.com/?ctiid.250713 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?id.250713 - Third Party Advisory | |
First Time |
Codeastro real Estate Management System
Codeastro |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:codeastro:real_estate_management_system:*:*:*:*:*:*:*:* |
15 Jan 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-15 06:15
Updated : 2024-05-17 02:34
NVD link : CVE-2024-0543
Mitre link : CVE-2024-0543
CVE.ORG link : CVE-2024-0543
JSON object : View
Products Affected
codeastro
- real_estate_management_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')