CVE-2024-57665

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 29, 2025

Updated: Feb 3, 2025

CWE ID 89

Summary

CVE-2025-0843 is a critical vulnerability identified in the Admin Panel's admindashboard.php component of the Needyamin Library Card System 1.0. This issue allows an attacker to inject SQL code by manipulating the email/password argument. The exploit can be launched remotely, and the attacker may gain unauthorized access to the system. The vulnerability has been publicly disclosed, increasing the risk of potential attacks. System administrators are urged to apply the necessary patches or updates to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

JFinalCMS

Affected Vendors

Jfinal CMS

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2T9t7U
https://www.cve.org/CVERecord?id=CVE-2024-57665
https://nvd.nist.gov/vuln/detail/CVE-2024-57665

Back to Vulnerability Database