TROYANOSYVIRUS
Retour aux CVEs

CVE-2024-2393

MEDIUM
6.3

Description

A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file add_user.php. The manipulation of the argument city leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256453 was assigned to this vulnerability.

Details CVE

Score CVSS v3.16.3
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie3/12/2024
Derniere modification2/18/2025
Sourcenvd
Observations honeypot0

Produits affectes

remyandrade:crud_without_page_reload\/refresh

Faiblesses (CWE)

CWE-89

References

https://github.com/CveSecLook/cve/blob/main/CRUD%20(Create%2C%20Read%2C%20Update%2C%20Delete)%20Without%20Page%20Reload%3ARefresh%20Using%20PHP%20and%20MySQL%20with%20Source%20Code%202/sql-1.md(cna@vuldb.com)
https://vuldb.com/?ctiid.256453(cna@vuldb.com)
https://vuldb.com/?id.256453(cna@vuldb.com)
https://github.com/CveSecLook/cve/blob/main/CRUD%20(Create%2C%20Read%2C%20Update%2C%20Delete)%20Without%20Page%20Reload%3ARefresh%20Using%20PHP%20and%20MySQL%20with%20Source%20Code%202/sql-1.md(af854a3a-2127-422b-91ae-364da2661108)
https://vuldb.com/?ctiid.256453(af854a3a-2127-422b-91ae-364da2661108)
https://vuldb.com/?id.256453(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.