SQL Injection Vulnerability in SourceCodester PHP CRUD Application
CVE-2024-8561
9.8CRITICAL
What is CVE-2024-8561?
A severe vulnerability has been identified in the SourceCodester PHP CRUD 1.0 application, specifically within the Delete Person functionality located in the file /endpoint/delete.php. This vulnerability permits attackers to manipulate the 'person' argument, leading to SQL injection attacks. Such an attack can be executed remotely, potentially compromising database integrity and exposing sensitive information. It is crucial for users of SourceCodester PHP CRUD to patch this vulnerability promptly to mitigate the associated risks.
Affected Version(s)
PHP CRUD 1.0