CVE-2024-1702
CVSS 3.1 Score 6.3 of 10 (medium)
Details
Published Feb 21, 2024
Updated: May 17, 2024
CWE ID 89
Summary
CVE-2024-1702 is a critical vulnerability affecting the PHP-MYSQL-User-Login-System 1.0, specifically an unknown functionality in the /edit.php file. This issue results in SQL injection, enabling remote attackers to manipulate data or gain unauthorized access. The exploit for this vulnerability has been disclosed to the public, increasing the risk of exploitation. Vendor communication regarding this disclosure was unsuccessful. (VDB-254390)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share