code-projects Employee Profile Management System file_table.php sql injection
CVE-2024-0466
5.5MEDIUM
Key Information:
- Vendor
Code-projects
- Vendor
- CVE Published:
- 12 January 2024
Badges
👾 Exploit Exists🟡 Public PoC
What is CVE-2024-0466?
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file file_table.php. The manipulation of the argument per_id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250571.
Affected Version(s)
Employee Profile Management System 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.