SQL Injection Vulnerability in Sourcecodester Human Resource Management System
CVE-2024-34220
7.5HIGH
What is CVE-2024-34220?
The Sourcecodester Human Resource Management System 1.0 has a vulnerability that exposes it to SQL injection attacks through the 'leave' parameter. This flaw can be exploited by attackers to execute arbitrary SQL code, potentially leading to unauthorized access to the database, data leaks, and manipulation of sensitive information. Organizations using this software should be aware of the risks associated with this vulnerability and take appropriate measures to mitigate them.