Description

A vulnerability was found in code-projects Simple Task List 1.0. It has been declared as critical. This vulnerability affects unknown code of the file loginForm.php of the component Login. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271060.

Related CPE's

a

code-projects

simple_task_list

1.0

Vulnerable

References

https://github.com/hantianj/cve/issues/1

ExploitThird Party Advisory

https://vuldb.com/?ctiid.271060

Permissions RequiredVDB Entry

https://vuldb.com/?id.271060

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.372263

Third Party AdvisoryVDB Entry

https://github.com/hantianj/cve/issues/1

ExploitThird Party Advisory

https://vuldb.com/?ctiid.271060

Permissions RequiredVDB Entry

https://vuldb.com/?id.271060

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.372263

Third Party AdvisoryVDB Entry

Weaknesses

[email protected]

Secondary
CWE-89

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.3 · High

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-07-10T22:15:02.313Z

1 year ago

Last modified

2025-03-03T15:28:59.507Z

10 months ago