PT-2024-38498 · Sourcecodester · Sourcecodester Car Driving School Management System
Bfs-Lab · Published 2024-08-11 · Updated 2024-08-16 · CVE-2024-7676
CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Sourcecodester Car Driving School Management System version 1.0
Description
A critical issue has been found that allows SQL injection through manipulation of the id argument in the save_package function of the file /classes/Master.php?f=save_package. It can be exploited remotely, potentially leading to unauthorized access and data compromise. The exploit has been publicly disclosed.
Recommendations
For Sourcecodester Car Driving School Management System version 1.0, as a temporary workaround, consider restricting access to the save_package function until a patch is available. Avoid using the id argument in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
SQL injection
Affected Products
Sourcecodester Car Driving School Management System