Critical severity9.8NVD Advisory· Published Apr 15, 2024· Updated Jun 17, 2026
CVE-2024-28557
CVE-2024-28557
Description
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
Affected products
2- Range: = 1.0
Patches
Vulnerability mechanics
References
2- github.com/xuanluansec/vul/blob/main/vul/2/README-SQL-2.mdnvdExploitThird Party Advisory
- github.com/xuanluansec/vul/issues/2nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.