CVE-2024-5384: SourceCodester Facebook News Feed Like index.php sql injection
First published: Sun May 26 2024(Updated: )
A vulnerability classified as critical was found in SourceCodester Facebook News Feed Like 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to sql injection. The attack can be initiated remotely. VDB-266302 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SourceCodester Facebook News Feed Like | ||
| SourceCodester Facebook News Feed Like | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-5384?
CVE-2024-5384 is classified as a critical severity vulnerability.
What type of vulnerability is CVE-2024-5384?
CVE-2024-5384 is an SQL injection vulnerability.
How can CVE-2024-5384 be exploited?
CVE-2024-5384 can be exploited remotely by manipulating the 'page' argument in the index.php file.
Which software is affected by CVE-2024-5384?
CVE-2024-5384 affects SourceCodester Facebook News Feed Like version 1.0.
How do I fix CVE-2024-5384?
To fix CVE-2024-5384, input validation and parameterized queries should be implemented in the affected SQL code.
- agent/weakness
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/sourcecodester
- canonical/sourcecodester facebook news feed like
- vendor/oretnom23
- version/sourcecodester facebook news feed like/1.0