CVE-2024-2168 – SourceCodester Online Tours & Travels Management System HTTP POST Request expense_category.php sql injection

https://notcve.org/view.php?id=CVE-2024-2168

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expense_category.php of the component HTTP POST Request Handler. The manipulation of the argument status leads to sql injection. It is possible to launch the attack remotely. • https://github.com/W01fh4cker/CVE-2024-21683-RCE https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server https://github.com/xh4vm/CVE-2024-21683 https://github.com/phucrio/CVE-2024-21683-RCE https://vuldb.com/?ctiid.255678 https://vuldb.com/?id.255678 https://www.yuque.com/mailemonyeyongjuan/nekc0f/uoobn101h48xv6ih • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •