7.3
CVSSv3

CVE-2024-12946

CVSSv4: 6.9 | CVSSv3: 7.3 | CVSSv2: 7.5 | VMScore: 790 | EPSS: 0.00045 | KEV: Not Included
Published: 26/12/2024 Updated: 26/12/2024

Vulnerability Summary

Critical SQL Injection in 1000 Projects Attendance System Disclosed

A critical vulnerability is in 1000 Projects Attendance Tracking Management System 1.0. It affects some unknown processing within the file /admin/admin_action.php. The manipulation of the argument admin_user_name leads to SQL injection. The attack can start remotely. The exploit has been made public and might be used.

Vulnerability Trend