A vulnerability has been found in SourceCodester PHP CRUD 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete.php of the component Delete Person Handler. The manipulation of the argument person leads to sql injection. The attack can be launched remotely.
History

Tue, 10 Sep 2024 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Rems
Rems php Crud
CPEs cpe:2.3:a:rems:php_crud:1.0:*:*:*:*:*:*:*
Vendors & Products Rems
Rems php Crud

Mon, 09 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 07 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
Description A vulnerability has been found in SourceCodester PHP CRUD 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete.php of the component Delete Person Handler. The manipulation of the argument person leads to sql injection. The attack can be launched remotely.
Title SourceCodester PHP CRUD Delete Person delete.php sql injection
Weaknesses CWE-89
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-09-07T18:31:03.892Z

Updated: 2024-09-09T18:30:30.365Z

Reserved: 2024-09-06T21:36:29.229Z

Link: CVE-2024-8561

cve-icon Vulnrichment

Updated: 2024-09-09T18:30:26.979Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-07T19:15:11.627

Modified: 2024-09-10T15:35:01.837

Link: CVE-2024-8561

cve-icon Redhat

No data.