Ghostwire

CVE-2024-33288: Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the...

CRITICAL CVSS 9.5 Exploit Available

Published: May 8, 2026 | Last Modified: May 8, 2026

Description

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page.

Ghostwire Analysis — What This Means Practically

Critical CVSS score indicates maximum severity — remote code execution, authentication bypass, or complete system compromise is likely possible.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (2 articles)

References

www.tenable.com/cve/CVE-2024-33288
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2024-33288
www.exploit-db.com/exploits/52017
www.sourcecodester.com/sql/17287/prison-management-system.html
nvd.nist.gov/vuln/detail/CVE-2024-33288