CVE-2024-51030

MEDIUM

Oretnom23 Cab Management System - SQL Injection

Title source: rule

Description

A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading to unauthorized access and potential compromise of sensitive data within the database.

Exploits (1)

nomisec WRITEUP

by vighneshnair7 · poc

https://github.com/vighneshnair7/CVE-2024-51030

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://github.com/vighneshnair7/CVE-2024-51030

[Product] https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html

Scores

CVSS v3 6.5

EPSS 0.0764

EPSS Percentile 91.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-89

Status published

Products (1)

oretnom23/cab_management_system 1.0

Published Nov 08, 2024

Tracked Since Feb 18, 2026