CVE-2024-28595 Information

Description

SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the admin_id parameter in update-admin.php.

Reference

https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-28595.md