CVE-2024-28322 in Event Managementinfo

Summary

by MITRE • 04/27/2024

A vulnerability was found in PuneethReddyHC Event Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259613 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulDB

Disclosure

04/27/2024

Moderation

accepted

Entry

VDB-259613

CPE

ready

CWE

CWE-89 (confirmed)

Exploit

Download

CVSS

8.8 (NVD)

EPSS

0.00097

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-28322
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-28322
CVE Details	https://www.cvedetails.com/cve/CVE-2024-28322/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!