CVE-2024-6440

Name of the Vulnerable Software and Affected Versions SourceCodester Home Owners Collection Management System version 1.0

Description A critical issue has been discovered, allowing for SQL injection through the manipulation of the id argument in an unknown function of the file /classes/Master.php?f=delete category. This can be exploited remotely.

Recommendations For SourceCodester Home Owners Collection Management System version 1.0, as a temporary workaround, consider restricting access to the /classes/Master.php file, specifically the delete category function, to minimize the risk of exploitation. Avoid using the id argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.