.. / CVE-2024-33288

Exploit for Prison Management System - SQL Injection Authentication Bypass (CVE-2024-33288)

Description:

SQL injection vulnerability was found on the login page in the Prison Management System, which allows attackers to bypass authentication.

Affected Products:

Proof of Concept

PoC exploits

Nuclei Template

View the template here CVE-2024-33288.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-33288.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-33288
https://en.0day.today/exploit/39610
https://www.sourcecodester.com/sql/17287/prison-management-system.html