Vulnerability Description
A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. This affects an unknown part of the file portal.php. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265197 was assigned to this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oretnom23 | Event Registration System | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/EvenExploitThird Party Advisory
- https://vuldb.com/?ctiid.265197Permissions RequiredVDB Entry
- https://vuldb.com/?id.265197ExploitThird Party AdvisoryVDB Entry
- https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/EvenExploitThird Party Advisory
- https://vuldb.com/?ctiid.265197Permissions RequiredVDB Entry
- https://vuldb.com/?id.265197ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2024-5117?
CVE-2024-5117 is a vulnerability with a CVSS score of 7.3 (HIGH). A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. This affects an unknown part of the file portal.php. The manipulation of the argument user...
How severe is CVE-2024-5117?
CVE-2024-5117 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-5117?
Check the references section above for vendor advisories and patch information. Affected products include: Oretnom23 Event Registration System.