CVE-2024-10996
CVE-2024-10996
6.9
MediumPublished:
Last updated:
Source:cna@vuldb.com
Analyzed
Weakness (CWE)
CVSS Vector
v4.0- Attack Vector
- Network
- Attack Complexity
- Low
- Attack Requirements
- None
- Privileges Required
- None
- User Interaction
- None
- Confidentiality (Vulnerable)
- Low
- Integrity (Vulnerable)
- Low
- Availability (Vulnerable)
- Low
- Confidentiality (Subsequent)
- None
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- None
Description
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/process_category_edit.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
References
cna@vuldb.com
https://github.com/ppp-src/CVE/issues/32cna@vuldb.com
https://vuldb.com/?ctiid.283461cna@vuldb.com
https://vuldb.com/?id.283461cna@vuldb.com
https://vuldb.com/?submit.438105