CVE-2024-0474

Name of the Vulnerable Software and Affected Versions code-projects Dormitory Management System version 1.0

Description A critical vulnerability was found in the Dormitory Management System. The issue affects an unknown functionality of the file login.php. The manipulation of the username argument leads to SQL injection. The attack can be launched remotely.

Recommendations For version 1.0, consider disabling the login functionality temporarily to prevent exploitation until a patch is available. Restrict access to the login.php file to minimize the risk of SQL injection attacks. Avoid using the username argument in the affected functionality until the issue is resolved.