CVE-2024-28557
CVE-2024-28557
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
15 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a