CVE-2024-0276

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 7, 2024
Updated: May 17, 2024
CWE ID 89

Summary

CVE-2024-0276 is a critical vulnerability affecting the Kashipara Food Management System up to version 1.0. The issue lies in the rawstock_used_damaged_smt.php file, where an argument named product_name can be manipulated to execute SQL injection attacks. These attacks can be initiated remotely, making the vulnerability a significant security concern. The exploit for this vulnerability, identified as VDB-249831, has been disclosed to the public, increasing the risk of potential exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share