PT-2021-11089 · Unknown · Sourcecodester Complaint Management System

Published

2021-10-27

Updated

2026-03-06

CVE-2020-24932

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Sourcecodester Complaint Management System version 1.0

Description: An SQL Injection issue exists via the cid parameter in "complaint-details.php". This allows for potential exploitation.

Recommendations: For Sourcecodester Complaint Management System version 1.0, avoid using the cid parameter in the "complaint-details.php" file until a fix is available. Consider restricting access to this parameter to minimize the risk of exploitation.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2020-24932

Affected Products

Sourcecodester Complaint Management System

PT-2021-11089 · Unknown · Sourcecodester Complaint Management System

CVE-2020-24932

Weakness Enumeration

Related Identifiers

Affected Products

References · 6