Lucene search
HistoryFeb 08, 2024 - 9:15 p.m.
CVE-2024-24495
sql injection
daily habit tracker
remote attacker
crafted get request.
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.003
Percentile
69.0%
SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request.
Affected configurations
Node
remyandradedaily_habit_trackerMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| remyandrade | daily_habit_tracker | 1.0 | cpe:2.3:a:remyandrade:daily_habit_tracker:1.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-24495
2024-02-08 21:15:08
zdt
zdt
Daily Habit Tracker 1.0 - SQL Injection Vulnerability
2024-04-02 00:00:00
prion
prion
Sql injection
2024-02-08 21:15:00
packetstorm
packetstorm
Daily Habit Tracker 1.0 SQL Injection
2024-04-02 00:00:00
cvelist
cvelist
CVE-2024-24495
2024-02-08 00:00:00
exploitdb
exploitdb
Daily Habit Tracker 1.0 - SQL Injection
2024-04-02 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.003
Percentile
69.0%
Related for NVD:CVE-2024-24495