CVE-2024-11819
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 27, 2024
Updated: Dec 3, 2024
CWE ID 74
CWE ID 89
Summary
CVE-2024-11819 is a newly disclosed critical vulnerability in the 1000 Projects Portfolio Management System MCA 1.0. This issue affects an unknown part of the file /forgot_password_process.php and allows for sql injection through the manipulation of the username argument. The exploit can be initiated remotely, making it a significant security risk. Public disclosure of the exploit increases the likelihood of attacks, highlighting the urgency for affected organizations to apply patches or mitigations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share