CVE-2024-37857

{"id": "CVE-2024-37857", "cveTags": [], "metrics": {}, "published": "2024-07-29T19:15:12.257", "references": [{"url": "http://lost.com", "source": "cve@mitre.org"}, {"url": "https://packetstormsecurity.com/files/179080/Lost-And-Found-Information-System-1.0-SQL-Injection.html", "source": "cve@mitre.org"}, {"url": "https://www.sourcecodester.com/", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php."}, {"lang": "es", "value": " Vulnerabilidad de inyecci\u00f3n SQL en Lost and Found Information System 1.0 permite a un atacante remoto escalar privilegios mediante el par\u00e1metro id a php-lfis/admin/categories/view_category.php."}], "lastModified": "2024-07-30T13:33:30.653", "sourceIdentifier": "cve@mitre.org"}