CVE-2020-24193

CRITICAL

Sourcecodetester Daily Tracker System 1.0 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-24193. PoCs published by Adeeb Shah.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Daily Tracker System 1.0 via SQL injection. The malicious POST request bypasses login by injecting a tautology into the email field, allowing unauthorized access.

Description

A SQL injection vulnerability in login in Sourcecodetester Daily Tracker System 1.0 allows unauthenticated user to execute authentication bypass with SQL injection via the email parameter.

Exploits (1)

exploitdb WORKING POC

by Adeeb Shah · textwebappsphp

https://www.exploit-db.com/exploits/48787

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in Daily Tracker System 1.0 via SQL injection. The malicious POST request bypasses login by injecting a tautology into the email field, allowing unauthorized access.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Daily Tracker System 1.0

No auth needed

Prerequisites: Access to the login page of the target application

MITRE ATT&CK

T1110 - Brute Force T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Broken Link x_refsource_misc

http://sourcecodetester.com

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/48787

Scores

CVSS v3 9.8

EPSS 0.0277

EPSS Percentile 84.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (1)

daily_tracker_system_project/daily_tracker_system 1.0

Published Sep 03, 2020

Tracked Since Feb 18, 2026