SQL Injection Vulnerability in SourceCodester Kortex Lite Advocate Office Management System
CVE-2024-3621
Key Information:
- Vendor
Sourcecodester
- Vendor
- CVE Published:
- 11 April 2024
Badges
What is CVE-2024-3621?
A critical SQL injection vulnerability exists in the SourceCodester Kortex Lite Advocate Office Management System version 1.0, specifically within the /control/register_case.php file. This vulnerability allows remote attackers to manipulate database queries through the injection of crafted parameters such as title, case_no, client_name, court, case_type, case_stage, legal_acts, description, filling_date, hearing_date, opposite_lawyer, total_fees, and unpaid. If successfully executed, this vulnerability could enable attackers to gain unauthorized access to the database, retrieve sensitive information, or alter existing entries. Immediate action is recommended to assess and remediate this vulnerability to protect against potential exploitation.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Kortex Lite Advocate Office Management System 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved