CVE-2024-0487

Published Jan 13, 2024

Last updated 6 months ago

Overview

Description: A vulnerability was found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/action/delete-vaccine.php. The manipulation of the argument ref leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250592.
Source: cna@vuldb.com
NVD status: Modified

Hype score: Not currently trending

🚨 CVE-2024-10007 (Published: 2024-11-07) - High severity vulnerability in GitHub Enterprise Server v3.14.3. Affects multiple CVEs: CVE-2024-0487, CVE-2024-9539, CVE-2024-8810, CVE-2024-8770. Remediation: Update to the latest version to mitigate risks. More info:… https://t.co/bl
@transilienceai
Nov 11, 2024 5:05 AM
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Secondary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

cna@vuldb.com: CWE-89

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:code-projects:fighting_cock_information_system:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0249E06A-469D-4F3E-9BDE-0A0EC6B58056"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References