CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-30985

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.8%

CVSS Severity

CVSS v3 Score 9.8

References

https://medium.com/%40shanunirwan/cve-2024-30985-sql-injection-vulnerability-in-client-management-system-using-php-mysql-1-1-c21fecbda062
https://medium.com/%40shanunirwan/cve-2024-30985-sql-injection-vulnerability-in-client-management-system-using-php-mysql-1-1-c21fecbda062

Products affected by CVE-2024-30985

Phpgurukul » Client Management System » Version: 1.1

cpe:2.3:a:phpgurukul:client_management_system:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-30985

Products

Pricing

Contact Us