CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-28322

SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC Event Management 1.0 allows attackers to run arbitrary SQL commands via the event_id parameter in a crafted POST request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.4%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/Sospiro014/zday1/blob/main/event-managment.md
https://packetstormsecurity.com/files/177841/Event-Management-1.0-SQL-Injection.html
https://github.com/Sospiro014/zday1/blob/main/event-managment.md
https://packetstormsecurity.com/files/177841/Event-Management-1.0-SQL-Injection.html

Products affected by CVE-2024-28322

Puneethreddyhc » Event Management » Version: 1.0

cpe:2.3:a:puneethreddyhc:event_management:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-28322

Products

Pricing

Contact Us