SQL Injection Vulnerability in itsourcecode Farm Management System
CVE-2024-6190
Key Information:
- Vendor
Itsourcecode
- Status
- Vendor
- CVE Published:
- 20 June 2024
Badges
What is CVE-2024-6190?
A critical vulnerability has been discovered in the itsourcecode Farm Management System version 1.0. The issue lies within the file index.php, specifically in the Login component, where an SQL injection vulnerability exists. This flaw emerges from improper handling of the username argument, allowing an attacker to perform unauthorized SQL commands. The exploit can be executed remotely, making it particularly dangerous as it may allow attackers to manipulate the database, extract sensitive information, or compromise the application entirely. As this vulnerability has been publicly disclosed, users of the affected software are urged to implement immediate security measures to mitigate potential exploitation. For more technical details, refer to VDB-269162.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Farm Management System 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved