CVE-2020-24932: SQL Injection
First published: Wed Oct 27 2021(Updated: )
An SQL Injection vulnerability exists in Sourcecodester Complaint Management System 1.0 via the cid parameter in complaint-details.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sourcecodester Complaint Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this SQL Injection vulnerability?
The vulnerability ID for this SQL Injection vulnerability is CVE-2020-24932.
What is the affected software?
The affected software is Sourcecodester Complaint Management System 1.0.
How does the SQL Injection vulnerability occur?
The SQL Injection vulnerability occurs via the cid parameter in complaint-details.php.
What is the severity of CVE-2020-24932?
The severity of CVE-2020-24932 is critical with a CVSS score of 9.8.
Is there a known exploit for this vulnerability?
Yes, there is a known exploit for this vulnerability which can be found at https://www.exploit-db.com/exploits/48758.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/tags
- agent/references
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- vendor/sourcecodester
- canonical/sourcecodester complaint management system
- version/sourcecodester complaint management system/1.0