SQL Injection Vulnerability in itsourcecode Society Management System
CVE-2024-7194
8.8 HIGH
Key Information:
- Vendor
- CVE Published: 29 July 2024
What is CVE-2024-7194?
A critical vulnerability has been identified in version 1.0 of the itsourcecode Society Management System, affecting the file check_student.php. By manipulating the student_id parameter, an attacker can execute unauthorized SQL commands, potentially leading to unauthorized access to database information. This vulnerability can be exploited remotely, making it imperative for users of this system to implement urgent security measures. The exploit has already been disclosed publicly, heightening the risk for affected users. It is crucial to monitor for updates and apply patches as they become available to mitigate potential threats.
CVSS V3.1
- Score: 8.8
- Severity: HIGH
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability published
