SQL Injection Vulnerability Discovered in Tailoring Management System Project 1.0
CVE-2024-10609
9.8CRITICAL
Key Information
- Vendor
- Itsourcecode
- Status
- Tailoring Management System Project
- Vendor
- CVE Published:
- 1 November 2024
Summary
A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Affected Version(s)
Tailoring Management System Project = 1.0
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Risk change from: null to: 6.3 - (MEDIUM)
Vulnerability published.
VulDB entry last update
Vulnerability Reserved.
VulDB entry created
Advisory disclosed
Collectors
NVD DatabaseMitre Database
Credit
cdeter (VulDB User)