Description
A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_department.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
References
https://github.com/zonesec0/findcve/issues/3
ExploitThird Party Advisory
https://vuldb.com/?ctiid.278819
Permissions Required
Third Party Advisory
https://vuldb.com/?submit.412524
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2024-09-28T19:15:12.353
2 weeks agoLast modified
2024-10-01T13:33:59.480
1 week ago