A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. This affects an unknown part of the file partedit.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273549 was assigned to this vulnerability.
References
| Link | Resource |
|---|---|
| https://vuldb.com/?id.273549 | Permissions Required VDB Entry |
| https://vuldb.com/?ctiid.273549 | Permissions Required VDB Entry |
| https://vuldb.com/?submit.385442 | Technical Description VDB Entry |
| https://github.com/Wumshi/cve/issues/3 | Exploit Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Aug 2024, 02:57
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| First Time |
Angeljudesuarez
Angeljudesuarez tailoring Management System Project In Php |
|
| CPE | cpe:2.3:a:angeljudesuarez:tailoring_management_system_project_in_php:1.0:*:*:*:*:*:*:* | |
| References | () https://github.com/Wumshi/cve/issues/3 - Exploit, Technical Description, Third Party Advisory | |
| References | () https://vuldb.com/?ctiid.273549 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?submit.385442 - Technical Description, VDB Entry | |
| References | () https://vuldb.com/?id.273549 - Permissions Required, VDB Entry |
04 Aug 2024, 12:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-08-04 12:16
Updated : 2024-08-29 02:57
NVD link : CVE-2024-7455
Mitre link : CVE-2024-7455
JSON object : View
Products Affected
angeljudesuarez
- tailoring_management_system_project_in_php
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')