Vulnerability Details CVE-2024-51327
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-51327
-
cpe:2.3:a:projectworlds:travel_management_system:1.0