CVE-2024-10751: Codezips ISP Management System pay.php sql injection
First published: Mon Nov 04 2024(Updated: )
A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Codezips ISP Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-10751?
CVE-2024-10751 is classified as a critical severity vulnerability.
How does CVE-2024-10751 affect the Codezips ISP Management System?
CVE-2024-10751 affects the pay.php file, where SQL injection can be exploited through the customer argument.
Is remote exploitation possible with CVE-2024-10751?
Yes, CVE-2024-10751 can be exploited remotely.
How can I mitigate the vulnerability CVE-2024-10751?
To mitigate CVE-2024-10751, validate and sanitize all inputs in the pay.php file.
Which version of Codezips ISP Management System is impacted by CVE-2024-10751?
CVE-2024-10751 impacts version 1.0 of the Codezips ISP Management System.
- agent/weakness
- agent/title
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/author
- agent/event
- agent/last-modified-date
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/source
- vendor/codezips
- canonical/codezips isp management system
- version/codezips isp management system/1.0