Vulnerability Description
A vulnerability has been found in SourceCodester Online Library System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/books/deweydecimal.php. The manipulation of the argument category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259465 was assigned to this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Janobe | Online Library System | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-03ExploitThird Party Advisory
- https://vuldb.com/?ctiid.259465Permissions RequiredVDB Entry
- https://vuldb.com/?id.259465Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.310425Third Party AdvisoryVDB Entry
- https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-03ExploitThird Party Advisory
- https://vuldb.com/?ctiid.259465Permissions RequiredVDB Entry
- https://vuldb.com/?id.259465Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.310425Third Party AdvisoryVDB Entry
FAQ
What is CVE-2024-3361?
CVE-2024-3361 is a vulnerability with a CVSS score of 7.3 (HIGH). A vulnerability has been found in SourceCodester Online Library System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/books/deweydecimal.p...
How severe is CVE-2024-3361?
CVE-2024-3361 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-3361?
Check the references section above for vendor advisories and patch information. Affected products include: Janobe Online Library System.