PT-2024-37443 · Unknown · Itsourcecode Farm Management System
Hryspa_Hodor
·
Published
2024-06-20
·
Updated
2024-08-21
·
CVE-2024-6190
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
itsourcecode Farm Management System version 1.0
Description:
A critical issue affects the itsourcecode Farm Management System, specifically the
username argument in the file index.php of the Login component, leading to SQL injection. This can be exploited remotely.Recommendations:
For itsourcecode Farm Management System version 1.0, update the system urgently to resolve the SQL injection vulnerability in the login functionality via the
username argument. As a temporary workaround, consider restricting access to the login functionality to minimize the risk of exploitation.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Itsourcecode Farm Management System