CVE Published: 28/11/2024 |
CVE Updated: 29/11/2024 |
CVE Year: 2024 Source: VulDB |
Vendor: code-projects |
Product: Concert Ticket Ordering System Status : PUBLISHED
CVE-2024-11970 Description
A vulnerability classified as critical has been found in code-projects Concert Ticket Ordering System 1.0. Affected is an unknown function of the file /tour(cor).php. The manipulation of the argument mai leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.