A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. This affects an unknown part of the file partedit.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273549 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/Wumshi/cve/issues/3 | Exploit Technical Description Third Party Advisory |
https://vuldb.com/?ctiid.273549 | Permissions Required VDB Entry |
https://vuldb.com/?id.273549 | Permissions Required VDB Entry |
https://vuldb.com/?submit.385442 | Technical Description VDB Entry |
Configurations
Configuration 1 (hide)
|
History
29 Aug 2024, 02:57
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 9.8 |
References | () https://github.com/Wumshi/cve/issues/3 - Exploit, Technical Description, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.273549 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.273549 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?submit.385442 - Technical Description, VDB Entry | |
First Time |
Angeljudesuarez tailoring Management System Project In Php
Angeljudesuarez |
|
CPE | cpe:2.3:a:angeljudesuarez:tailoring_management_system_project_in_php:1.0:*:*:*:*:*:*:* |
05 Aug 2024, 12:41
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Aug 2024, 12:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-04 12:16
Updated : 2024-08-29 02:57
NVD link : CVE-2024-7455
Mitre link : CVE-2024-7455
CVE.ORG link : CVE-2024-7455
JSON object : View
Products Affected
angeljudesuarez
- tailoring_management_system_project_in_php
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')