CVE-2024-2283

Name of the Vulnerable Software and Affected Versions boyiddha Automated-Mess-Management-System version 1.0

Description A critical vulnerability has been found in the boyiddha Automated-Mess-Management-System. The issue is related to an unknown function of the file /member/view.php, where the manipulation of the date argument leads to SQL injection. This allows for remote attacks. The exploit has been publicly disclosed.

Recommendations For boyiddha Automated-Mess-Management-System version 1.0, consider disabling the date argument in the /member/view.php file as a temporary workaround until a patch is available. Restrict access to the /member/view.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.