6.3
CVSSv3

CVE-2024-13005

CVSSv4: 5.3 | CVSSv3: 6.3 | CVSSv2: 6.5 | VMScore: 630 | EPSS: 0.00045 | KEV: Not Included
Published: 29/12/2024 Updated: 29/12/2024

Vulnerability Summary

Critical SQL Injection in 1000 Projects Attendance System 1.0 Exploited

A critical vulnerability is present in 1000 Projects Attendance Tracking Management System 1.0. It affects the file /admin/attendance_action.php. The issue involves the attendance_id argument, which can be manipulated to cause an SQL injection. This attack can be launched remotely. The exploit details have been made public and might be used.

Vulnerability Trend