CVE-2024-12497

CVSS V2 None CVSS V3 None
Description
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument admin_user_name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Overview
  • CVE ID
  • CVE-2024-12497
  • Assigner
  • VulDB
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-11T23:31:05.741Z
  • Last Modified Date
  • 2024-12-11T23:31:05.741Z
References
Reference URL Reference Tags
https://vuldb.com/?id.287874 vdb-entry technical-description
https://vuldb.com/?ctiid.287874 signature permissions-required
https://vuldb.com/?submit.459239 third-party-advisory
https://github.com/Ta0k1a/CVE/issues/1 exploit issue-tracking
https://1000projects.org/ product
History
Created Old Value New Value Data Type Notes
2024-12-12 13:44:25 Added to TrackCVE