CVE-2024-10355

A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

More information : https://vuldb.com/?id.281702

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : HIGH
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : NONE
Base score : 4.9
Base severity : MEDIUM
Exploitability score : 1.2
Impact score : 3.6