Overview
- Description
- A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file /incadd.php. The manipulation of the argument inccat/desc/date/amount leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter "inccat" to be affected. But it must be assumed "desc", "date", and "amount" are affected as well.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
🚨 CVE-2024-11074 (Published: 2024-11-11) - A critical vulnerability in itsourcecode affects multiple versions. Users are urged to update to the latest version immediately to mitigate risks. For more details, visit: https://t.co/bvC4ovRbE2 #CyberSecurity #Vulnerability #CVE
@transilienceai
15 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11074 (Published: 2024-11-11) - A critical vulnerability in itsourcecode affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/bvC4ovRbE2 #CyberSecurity… https://t.co/E
@transilienceai
15 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11074 (Published: 2024-11-11) - A critical vulnerability in itsourcecode affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/bvC4ovRbE2 #CyberSecurity… https://t.co/Y
@transilienceai
15 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11074 (Published: 2024-11-11) - A critical vulnerability in itsourcecode affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/bvC4ovRbE2 #CyberSecurity… https://t.co/y
@transilienceai
15 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11074 A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file /incadd.php. The… https://t.co/mX4AwVg6Ou
@CVEnew
11 Nov 2024
424 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:angeljudesuarez:tailoring_management_system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6D27827-5554-4FAB-8460-52599930F4FF"
}
],
"operator": "OR"
}
]
}
]