Codezips Pet Shop Management System 1.0 birdsupdate.php SQL Injection (CVE-2024-10561)

Key Information 1. Vulnerability Name: - Codezips Pet Shop Management System 1.0 Birdsupdate.php ID SQL Injection 2. Vulnerability ID: - VDB-282561 - CVE-2024-10561 3. CVSS Meta Temp Score: - 6.9 4. Current Exploit Price: - $0-$5k 5. CTI Interest Score: - 0.99 6. Vulnerability Description: - A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects some unknown processing of the file birdsupdate.php. The manipulation of the argument id with an unknown input leads to a SQL injection vulnerability. 7. Impact: - This is going to have an impact on confidentiality, integrity, and availability. 8. CVE Description: - A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file birdsupdate.php. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. 9. Exploitability Difficulty: - The exploitability is told to be easy. 10. Exploitation Method: - It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. 11. Technical Details and Public Exploit: - Technical details and a public exploit are known. 12. MITRE ATT&CK Technique: - Uses the attack technique T1505 for this issue. 13. Exploit Download: - The exploit is shared for download at github.com. 14. Exploit Type: - It is declared as proof-of-concept. 15. Search for Exploits: - By approaching the search of inurl:birdsupdate.php it is possible to find vulnerable targets with Google Hacking. 16. Possible Mitigations: - There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Goal Reached Thanks to every supporter — we hit 100%!

Codezips Pet Shop Management System 1.0 birdsupdate.php SQL Injection (CVE-2024-10561)