CVE-2024-10431: Codezips Pet Shop Management System deletebird.php sql injection
First published: Sun Oct 27 2024(Updated: )
A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. Affected is an unknown function of the file /deletebird.php. The manipulation of the argument t1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Codezips Pet Shop Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-10431?
CVE-2024-10431 is classified as a critical vulnerability due to its potential for remote SQL injection.
How do I fix CVE-2024-10431?
To mitigate CVE-2024-10431, ensure proper input validation and parameterized queries are implemented in the affected /deletebird.php file.
What systems are affected by CVE-2024-10431?
CVE-2024-10431 affects the Codezips Pet Shop Management System version 1.0.
Can CVE-2024-10431 be exploited remotely?
Yes, CVE-2024-10431 is exploitable remotely, allowing attackers to perform SQL injection attacks.
What specific function is vulnerable in CVE-2024-10431?
The vulnerability in CVE-2024-10431 is found in an unknown function within the /deletebird.php file.
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- agent/last-modified-date
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/source
- vendor/codezips
- canonical/codezips pet shop management system
- version/codezips pet shop management system/1.0