CVE-2024-28613

2024-04-2404:15:18

[email protected]

web.nvd.nist.gov

sql injection

php

task management system

privilege escalation

sensitive information

AI Score

7.6

Confidence

Low

EPSS

Percentile

9.0%

JSON

SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the task_id parameter of the task-details.php, and edit-task.php component.

References

github.com/hakkitoklu/hunt/blob/main/PHP%20Task%20Management%20System/sqli.md

www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html