{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-3255","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-04-03T05:17:24.007Z","datePublished":"2024-04-03T12:00:07.100Z","dateUpdated":"2024-08-01T20:05:08.223Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-04-03T12:00:07.100Z"},"title":"SourceCodester Internship Portal Management System edit_admin_query.php sql injection","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"CWE-89 SQL Injection"}]}],"affected":[{"vendor":"SourceCodester","product":"Internship Portal Management System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as critical, was found in SourceCodester Internship Portal Management System 1.0. Affected is an unknown function of the file admin/edit_admin_query.php. The manipulation of the argument username/password/name/admin_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259104."},{"lang":"de","value":"Es wurde eine Schwachstelle in SourceCodester Internship Portal Management System 1.0 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei admin/edit_admin_query.php. Durch Beeinflussen des Arguments username/password/name/admin_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":6.5,"vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P"}}],"timeline":[{"time":"2024-04-03T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-04-03T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-04-03T07:22:55.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"liuann (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.259104","name":"VDB-259104 | SourceCodester Internship Portal Management System edit_admin_query.php sql injection","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.259104","name":"VDB-259104 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.309216","name":"Submit #309216 | https://www.sourcecodester.com/ Internship Portal Management System 1.0 SQL Injection","tags":["third-party-advisory"]},{"url":"https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-05","tags":["exploit"]}]},"adp":[{"affected":[{"vendor":"internship_portal_management_system_project","product":"internship_portal_management_system","cpes":["cpe:2.3:a:internship_portal_management_system_project:internship_portal_management_system:1.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"1.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-25T14:47:16.872463Z","id":"CVE-2024-3255","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-26T19:27:32.389Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T20:05:08.223Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.259104","name":"VDB-259104 | SourceCodester Internship Portal Management System edit_admin_query.php sql injection","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.259104","name":"VDB-259104 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required","x_transferred"]},{"url":"https://vuldb.com/?submit.309216","name":"Submit #309216 | https://www.sourcecodester.com/ Internship Portal Management System 1.0 SQL Injection","tags":["third-party-advisory","x_transferred"]},{"url":"https://github.com/thisissuperann/Vul/blob/main/Internship-Portal-Management-System-05","tags":["exploit","x_transferred"]}]}]}}