Critical Vulnerability in Tailoring Management System 1.0 Allows Remote SQL Injection
CVE-2024-6109
8.8HIGH
Key Information
- Vendor
- Itsourcecode
- Status
- Tailoring Management System
- Vendor
- CVE Published:
- 18 June 2024
Summary
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file addmeasurement.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268855.
Affected Version(s)
Tailoring Management System = 1.0
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Risk change from: null to: 6.3 - (MEDIUM)
VulDB entry last update
Vulnerability Reserved.
VulDB entry created
Advisory disclosed
Vulnerability published.
Collectors
NVD DatabaseMitre Database
Credit
PHJ-doit (VulDB User)