CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-37858

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.3%

CVSS Severity

CVSS v3 Score 9.8

References

http://lost.com
https://packetstormsecurity.com/files/179079/Lost-And-Found-Information-System-1.0-SQL-Injection.html
https://www.sourcecodester.com/
http://lost.com
https://packetstormsecurity.com/files/179079/Lost-And-Found-Information-System-1.0-SQL-Injection.html
https://www.sourcecodester.com/

Products affected by CVE-2024-37858

Oretnom23 » Lost And Found Information System » Version: 1.0

cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-37858

Products

Pricing

Contact Us