3 matches found
Daily Habit Tracker 1.0 SQL Injection
Exploit Title: Daily Habit Tracker 1.0 - SQL Injection Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Debian...
Daily Habit Tracker 1.0 - SQL Injection
Exploit Title: Daily Habit Tracker 1.0 - SQL Injection Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Debian...
CVE-2024-24495
CVE-2024-24495 is a SQL injection vulnerability affecting Daily Habit Tracker version 1.0, arising from the delete-tracker.php endpoint. Remote attackers can craft a GET request to trigger arbitrary code execution due to insecure handling of input in the targeted PHP file. The Red Hat advisory co...