A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. Affected by this vulnerability is an unknown functionality of the file ssms.php. The manipulation of the argument customer leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/elegant228/cve/issues/1 | Exploit Third Party Advisory |
https://itsourcecode.com/ | Product |
https://vuldb.com/?ctiid.276841 | Permissions Required |
https://vuldb.com/?id.276841 | Permissions Required |
https://vuldb.com/?submit.404875 | Third Party Advisory |
Configurations
History
18 Sep 2024, 17:24
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 9.8 |
First Time |
Angeljudesuarez
Angeljudesuarez tailoring Management System |
|
References | () https://github.com/elegant228/cve/issues/1 - Exploit, Third Party Advisory | |
References | () https://itsourcecode.com/ - Product | |
References | () https://vuldb.com/?ctiid.276841 - Permissions Required | |
References | () https://vuldb.com/?id.276841 - Permissions Required | |
References | () https://vuldb.com/?submit.404875 - Third Party Advisory | |
CPE | cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:* |
10 Sep 2024, 12:09
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Sep 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-09 21:15
Updated : 2024-09-18 17:24
NVD link : CVE-2024-8611
Mitre link : CVE-2024-8611
CVE.ORG link : CVE-2024-8611
JSON object : View
Products Affected
angeljudesuarez
- tailoring_management_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')