Vulnerability CVE-2024-24497


Published: 2024-02-08

Description:
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to execute arbitrary SQL commands via the txtusername and txtpassword parameters in the login.php components.

 References:
https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/EmployeeManagementSystem-SQL_Injection_Admin_Login.md

Copyright 2026, cxsecurity.com

 

Back to Top