CVE-2024-9093

Name of the Vulnerable Software and Affected Versions SourceCodester Profile Registration without Reload Refresh version 1.0

Description A critical vulnerability has been found in the software, affecting an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider disabling the GET Parameter Handler component or restricting access to the del.php file until a patch is available. As a temporary workaround, avoid using the argument list in the affected component to minimize the risk of exploitation.