CVE-2024-2067
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Mar 1, 2024
Updated: Dec 17, 2024
CWE ID 305
CWE ID 290
Summary
CVE-2024-2067 is a critical vulnerability disclosed in SourceCodester Computer Inventory System 1.0. This issue involves unknown code in the file /endpoint/delete-computer.php, which is susceptible to SQL injection. An attacker can manipulate the 'computer' argument and initiate the exploit remotely. The vulnerability has been publicly disclosed, increasing the risk of exploitation. VDB-255382 is the assigned identifier for this security flaw.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Microsoft Windows 10
- Microsoft Windows 11
- Microsoft Windows Server 2008
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
Affected Vendors
- Microsoft