← Volver a CVEs
CVE-2024-37873
CRITICAL9.8
Descripcion
SQL injection vulnerability in view_payslip.php in Itsourcecode Payroll Management System Project In PHP With Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado7/9/2024
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
itsourcecode:payroll_management_system_project_in_php_with_source_code
Debilidades (CWE)
CWE-89CWE-89
Referencias
https://github.com/TThuyyy/cve1/issues/2(cve@mitre.org)
https://github.com/TThuyyy/cve1/issues/2(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.