Lucene search

[email protected]NVD:CVE-2024-24407

HistoryMar 28, 2024 - 11:15 p.m.

CVE-2024-24407

2024-03-2823:15:46

CWE-89

[email protected]

web.nvd.nist.gov

cve-2024-24407

sql injection

best courier management system

remote attacker

sensitive information

print_pdets.php

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

7.2

Confidence

Low

EPSS

Percentile

9.0%

JSON

SQL Injection vulnerability in Best Courier management system v.1.0 allows a remote attacker to obtain sensitive information via print_pdets.php component.

References

github.com/modian-un/CVE/blob/main/Barangay%20Population%20Monitoring%20System.md

github.com/modian-un/CVE/blob/main/Best%20courier%20management%20system.md

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

7.2

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-24407

vulnrichment1 cve1 cvelist1