CVE-2024-10702
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 2, 2024
Updated: Nov 5, 2024
CWE ID 89
Summary
CVE-2024-10702: A critical sql injection vulnerability has been identified in the Simple Car Rent System 1.0. This issue affects an unnamed function within the /signup.php file. Manipulation of the 'fname' argument can be exploited for remote code execution. The exploit code is publicly available, increasing the risk of attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share