SQL Injection Vulnerability in SourceCodester PHP Task Management System
CVE-2024-3222
8.8 HIGH
What is CVE-2024-3222?
A severe SQL injection vulnerability has been identified in SourceCodester PHP Task Management System 1.0, in the file that handles password changes (admin-password-change.php). By manipulating the 'admin_id' parameter, an attacker can execute arbitrary SQL against the database, potentially leading to unauthorized access, data leakage, or full system compromise. The attack can be initiated remotely, which exposes the application to significant risk. Users of this version should address the vulnerability promptly by applying any provided patches or implementing robust security measures.
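As a mitigation sketch for the 'admin_id' handling described above, the following added example (not the SourceCodester code and not a vendor patch) validates the identifier as an integer and binds it through a prepared statement. The function name, the `admins` table, its columns and the in-memory SQLite database are assumptions made for illustration; PHP 8 is assumed.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical password-change routine: admin_id is validated, then bound.
 * Table and column names (admins, admin_id, password_hash) are assumptions.
 */
function change_admin_password(PDO $db, mixed $rawAdminId, string $newPassword): bool
{
    // Reject anything that is not a positive integer before touching the database.
    $adminId = filter_var(
        $rawAdminId,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($adminId === false) {
        return false;
    }

    // Placeholders keep the value out of the SQL text, so it is never parsed as SQL.
    $stmt = $db->prepare(
        'UPDATE admins SET password_hash = :hash WHERE admin_id = :id'
    );
    $stmt->bindValue(':hash', password_hash($newPassword, PASSWORD_DEFAULT), PDO::PARAM_STR);
    $stmt->bindValue(':id', $adminId, PDO::PARAM_INT);
    $stmt->execute();

    // Exactly one row should change for a legitimate request.
    return $stmt->rowCount() === 1;
}

// Constructed demo data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admins (admin_id INTEGER PRIMARY KEY, password_hash TEXT)');
$db->exec("INSERT INTO admins VALUES (1, 'old-hash-1'), (2, 'old-hash-2')");

// Well-formed identifier taken from a request parameter (constructed value).
var_dump(change_admin_password($db, '2', 'N3w-passphrase!'));

// Malformed identifier (constructed value); it fails validation before any query runs.
var_dump(change_admin_password($db, '2abc', 'N3w-passphrase!'));
```

In a real deployment the handler would also confirm that the authenticated session is allowed to change the password for the given identifier, which this sketch does not cover.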