Vulnerability Details CVE-2024-35468
A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.9%
CVSS Severity
CVSS v3 Score 5.4
References
- https://github.com/dovankha/CVE-2024-35468
- https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html
- https://github.com/dovankha/CVE-2024-35468
- https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html
Products affected by CVE-2024-35468
-
cpe:2.3:a:oretnom23:human_resource_management_system:1.0