CVE-2024-8564

CVE-2024-8564 concerns SourceCodester PHP CRUD 1.0. The vulnerability is in the file /endpoint/update.php, where manipulating the parameters tbl_person_id, first_name, middle_name, or last_name enables a SQL injection. Descriptions in multiple connected sources confirm remote exploitation and pub...

CVE-2024-8561

CVE-2024-8561 affects SourceCodester PHP CRUD 1.0, specifically the Delete Person Handler in /endpoint/delete.php. The vulnerability arises from manipulating the person parameter, leading to SQL injection that can be exploited remotely. The connected sources confirm the affected component and att...

CVE-2024-8563

CVE-2024-8563 affects SourceCodester PHP CRUD 1.0. The issue is an XSS vulnerability in /endpoint/update.php , triggered by manipulating the parameters first_name , middle_name , or last_name . Exploitation can be performed remotely and the exploit has been disclosed publicly. Root cause: imprope...

CVE-2024-8562

CVE-2024-8562 refers to a cross-site scripting vulnerability in SourceCodester PHP CRUD 1.0, affecting the file /endpoint/Add.php. The issue arises from manipulating the arguments first_name, middle_name, and last_name, enabling remote, browser-based script execution. Public exploit discussion is...