PT-2024-16225 · Sourcecodester · Itsourcecode Payroll Management System

Shikang

Published

2024-10-25

Updated

2024-10-30

CVE-2024-10371

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SourceCodester Payroll Management System version 1.0

Description A critical issue has been found in the login function of the main file, leading to a buffer overflow. The exploit has been disclosed to the public and may be used.

Recommendations For SourceCodester Payroll Management System version 1.0, consider disabling the login function in the main file until a patch is available to prevent potential buffer overflow exploitation. Restrict access to the main file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2024-10371

Affected Products

Itsourcecode Payroll Management System

PT-2024-16225 · Sourcecodester · Itsourcecode Payroll Management System

CVE-2024-10371

Weakness Enumeration

Related Identifiers

Affected Products

References · 10