SQL Injection Vulnerability in SourceCodester Online Timesheet Application
CVE-2024-9319
Key Information:
- Vendor
SourceCodester
- Status
- Vendor
- CVE Published:
- 29 September 2024
What is CVE-2024-9319?
A serious SQL injection vulnerability has been identified in the SourceCodester Online Timesheet App version 1.0. The flaw resides in the /endpoint/delete-timesheet.php file, where improper validation of user-supplied input allows attackers to exploit the 'timesheet' argument. This vulnerability enables potential remote attackers to execute arbitrary SQL queries against the database, which could lead to unauthorized data access, data manipulation, and significant compromise of sensitive information. Due to its remote exploitability, organizations using this application must take immediate action to patch the vulnerability and protect their data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Timeline
Vulnerability published
