SQL Injection Vulnerability in SourceCodester Computer Laboratory Management System
CVE-2024-3316
8.8HIGH
Key Information:
- Vendor
- CVE Published:
- 4 April 2024
What is CVE-2024-3316?
A serious SQL injection vulnerability has been identified in SourceCodester's Computer Laboratory Management System version 1.0, specifically within the file /admin/category/view_category.php. This vulnerability allows attackers to manipulate the 'id' parameter, enabling remote exploitation and unauthorized access to the system's database. If successfully exploited, the attacker could execute arbitrary SQL commands, potentially leading to data breaches and further system compromises. It's crucial for users and administrators of the affected system to apply patches or mitigation measures immediately to safeguard against this vulnerability.