CVE-2024-12231
CVSS 2.0 Score 7.5 of 10 (high)
Details
Published Dec 5, 2024
CWE ID 89
CWE ID 74
Summary
CVE-2024-12231 is a critical vulnerability affecting the CodeZips Project Management System 1.0. This issue resides in an unspecified area of the /index.php file. An attacker can exploit this vulnerability by manipulating the email argument, leading to SQL injection. The exploit allows remote attacks, increasing the threat level. The vulnerability has been publicly disclosed, potentially putting numerous systems at risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share