SQL Injection Vulnerability in PHP-Based Prison Management System by SourceCodester
CVE-2024-33288

7.3HIGH

Key Information:

Vendor: SourceCodester
Status: Prison Management System
Vendor: CVE Published:; 8 May 2026

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2024-33288?

A SQL injection vulnerability exists in the Prison Management System Using PHP v1.0, allowing attackers to exploit the login page's username input. This security flaw can lead to unauthorized access to sensitive information, data manipulation, and complete system compromise, making it critical for users to update or patch their systems to mitigate potential threats.

References

https://www.sourcecodester.com/sql/17287/prison-managemen...

https://www.exploit-db.com/exploits/52017

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2026
Vulnerability Reserved
Apr 23, 2024

CVE-2024-33288 Data

JSON