CVE-2024-11074 – Itsorcecode Tailoring Management System SQL Injection Vulnerability

11月 11, 2024
7:16 pm

CVE ID : CVE-2024-11074

Published : Nov. 11, 2024, 6:15 p.m. | 1 hour ago

Description : A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file /incadd.php. The manipulation of the argument inccat/desc/date/amount leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter “inccat” to be affected. But it must be assumed “desc”, “date”, and “amount” are affected as well.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-11074 – Itsorcecode Tailoring Management System SQL Injection Vulnerability

Elvescore.io

Recent Posts

CVE-2024-12963 – Code-projects Job Recruitment SQL Injection

CVE-2024-12964 – “1000 Projects Daily College Class Work Report Book SQL Injection Vulnerability”

CVE-2024-12962 – Code-Projects Job Recruitment SQL Injection Vulnerability

CVE-2024-54907 – TOTOLINK A3002R Remote Code Execution Vulnerability in boa FormWsc Handler

CVE-2024-12960 – Apache MCA 1.0 SQL Injection Vulnerability

CVE-2024-12961 – Apache MCA Portfolio Management System SQL Injection Vulnerability

CVE-2024-11074 – Itsorcecode Tailoring Management System SQL Injection Vulnerability

CVE-2024-11074 – Itsorcecode Tailoring Management System SQL Injection Vulnerability