CVE-2024-1928
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Published Feb 29, 2024
Updated: May 17, 2024
CWE ID 89
Summary
CVE-2024-1928 is a critical vulnerability affecting the SourceCodester Web-Based Student Clearance System 1.0. This issue lies in the unspecified functionality of the /admin/edit-admin.php component's Edit User Profile Page. The Fullname argument can be manipulated to execute SQL injection attacks, posing a remote threat. The vulnerability has been made public, increasing the risk of exploitation. The identifier for this issue is VDB-254864.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share