CVE-2024-11257: 1000 Projects Beauty Parlour Management System forgot-password.php sql injection
First published: Fri Nov 15 2024(Updated: )
A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| 1000projects Beauty Parlour Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-11257?
CVE-2024-11257 has been classified as critical due to the potential for SQL injection.
How do I fix CVE-2024-11257?
To fix CVE-2024-11257, sanitize and validate all user inputs, particularly the email argument in the /admin/forgot-password.php file.
Which software is affected by CVE-2024-11257?
CVE-2024-11257 affects version 1.0 of the 1000 Projects Beauty Parlour Management System.
What type of attack can be executed through CVE-2024-11257?
CVE-2024-11257 allows for remote SQL injection attacks through the /admin/forgot-password.php file.
Is CVE-2024-11257 easy to exploit?
Yes, CVE-2024-11257 is considered easy to exploit due to the insufficient sanitization of input parameters.
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/1000projects
- canonical/1000projects beauty parlour management system
- version/1000projects beauty parlour management system/1.0