CVE-2024-10758
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-10758 is a critical vulnerability affecting the Content Management System and News-Buzz 1.0 software developed by code-projects/anirbandutta9. The issue lies in the /index.php file, where an sql injection vulnerability is present. An attacker can manipulate the user_name argument to execute malicious SQL queries. This vulnerability can be exploited remotely, making it a significant threat. The exploit for this issue has been disclosed publicly, increasing the risk of attacks. The product is distributed under two distinct names, adding complexity to the identification and mitigation of this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Content-Management System