2024-11-20
:
A critical SQL injection vulnerability exists in 1000 Projects Portfolio Management System MCA 1.0. This vulnerability allows remote attackers to manipulate the username argument in the `/login.php` file, potentially taking control of the database.
Vulnerability Details:
Platform: 1000 Projects Portfolio Management System MCA
Version: 1.0
Vulnerability: SQL injection
Severity: Critical
Date: November 15, 2024 (Published), November 19, 2024 (Last Modified)
Exploit: Publicly disclosed
What Undercode Says:
This is a critical vulnerability that could allow attackers to take control of your database. If you are using 1000 Projects Portfolio Management System MCA 1.0, it is strongly recommended that you update to a patched version immediately.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help