CVE-2024-13006

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 29, 2024
CWE ID 89
CWE ID 74

Summary

CVE-2024-13006 is a critical vulnerability affecting version 1.0 of the 1000 Projects Human Resource Management System. The issue lies in the processing of the file /employeeview.php and involves sql injection, which can be triggered by manipulating the argument search. This vulnerability allows remote attacks, and the exploit has been made public, increasing the risk for potential exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share