Remote SQL Injection Vulnerability in SourceCodester Simple Inventory Management System
CVE-2024-6830

7.5HIGH

Key Information:

Vendor: SourceCodester
Status: Simple Inventory Management System
Vendor: CVE Published:; 17 July 2024

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2024-6830?

A significant SQL injection vulnerability exists in the SourceCodester Simple Inventory Management System 1.0, specifically within the action.php file's order handler function. This flaw allows attackers to interfere with the order_id argument, leading to unauthorized access to sensitive data. Given that the exploitation can be performed remotely, the issue poses a serious risk to the integrity and confidentiality of the information managed by the system. Public disclosure of the exploit increases the urgency for users to apply necessary security measures to protect their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://vuldb.com/?id.271812

https://vuldb.com/?ctiid.271812

https://vuldb.com/?submit.375233

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 17, 2024

JSON

SourceCodester

What is CVE-2024-6830?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.