CVE-2024-10336

A vulnerability was found in SourceCodeHero Clothes Recommendation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php of the component Admin Login Page. The manipulation of the argument t1 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link Resource
https://vuldb.com/?ctiid.281681 Permissions Required Third Party Advisory VDB Entry
https://vuldb.com/?id.281681 Third Party Advisory VDB Entry
https://vuldb.com/?submit.427442 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:clothes_recommendation_system_project:clothes_recommendation_system:1.0:*:*:*:*:*:*:*

History

28 Oct 2024, 16:01

Type Values Removed Values Added
References () https://vuldb.com/?ctiid.281681 - () https://vuldb.com/?ctiid.281681 - Permissions Required, Third Party Advisory, VDB Entry
References () https://vuldb.com/?id.281681 - () https://vuldb.com/?id.281681 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.427442 - () https://vuldb.com/?submit.427442 - Third Party Advisory, VDB Entry
CPE cpe:2.3:a:clothes_recommendation_system_project:clothes_recommendation_system:1.0:*:*:*:*:*:*:*
First Time Clothes Recommendation System Project
Clothes Recommendation System Project clothes Recommendation System
CVSS v2 : 7.5
v3 : 7.3
v2 : 7.5
v3 : 9.8

25 Oct 2024, 12:56

Type Values Removed Values Added
Summary
  • (es) Se ha encontrado una vulnerabilidad en SourceCodeHero Clothes Recommendation System 1.0. Se ha calificado como crítica. Este problema afecta a algunos procesos desconocidos del archivo /admin/index.php del componente Admin Login Page. La manipulación del argumento t1 conduce a una inyección SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho público y puede utilizarse.

24 Oct 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-24 17:15

Updated : 2024-10-28 16:01


NVD link : CVE-2024-10336

Mitre link : CVE-2024-10336

CVE.ORG link : CVE-2024-10336


JSON object : View

Products Affected

clothes_recommendation_system_project

  • clothes_recommendation_system
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')