CVE-2024-51030

MEDIUM

Sourcecodester Cab Management System 1.0 - SQL Injection via id Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-51030. PoCs published by vighneshnair7.

AI-analyzed exploit summary This repository provides a detailed writeup for CVE-2024-51030, a SQL injection vulnerability in Sourcecodester Cab Management System 1.0. It describes the attack vector, including steps to exploit the vulnerability using boolean-based or time-based blind SQL injection payloads.

Description

A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading to unauthorized access and potential compromise of sensitive data within the database.

Exploits (1)

nomisec WRITEUP
by vighneshnair7 · poc
https://github.com/vighneshnair7/CVE-2024-51030

This repository provides a detailed writeup for CVE-2024-51030, a SQL injection vulnerability in Sourcecodester Cab Management System 1.0. It describes the attack vector, including steps to exploit the vulnerability using boolean-based or time-based blind SQL injection payloads.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Sourcecodester Cab Management System 1.0
Auth required
Prerequisites: Access to the application with admin or staff credentials · SQLMap tool for further exploitation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 6.5
EPSS 0.0068
EPSS Percentile 47.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
oretnom23/cab_management_system 1.0
Published Nov 08, 2024
Tracked Since Feb 18, 2026