Vulnerability Details CVE-2024-28613
SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the task_id parameter of the task-details.php, and edit-task.php component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.6%
CVSS Severity
CVSS v3 Score 9.8
References
- https://github.com/hakkitoklu/hunt/blob/main/PHP%20Task%20Management%20System/sqli.md
- https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html
- https://github.com/hakkitoklu/hunt/blob/main/PHP%20Task%20Management%20System/sqli.md
- https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html
Products affected by CVE-2024-28613
-
cpe:2.3:a:mayurik:php_task_management_system:1.0