CVE-2024-28613

2024-04-2404:15:18

[email protected]

web.nvd.nist.gov

php

sql injection

task management system

remote attacker

privilege escalation

sensitive information

nvd

7.9 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the task_id parameter of the task-details.php, and edit-task.php component.

References

github.com/hakkitoklu/hunt/blob/main/PHP%20Task%20Management%20System/sqli.md

www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html