CVE-2024-2151

Summary

CVE-2024-2151 is a newly disclosed vulnerability affecting SourceCodester Online Mobile Management Store 1.0. This issue lies within the Product Price Handler component, which handles an unknown functionality. An attacker can exploit this vulnerability by manipulating the argument quantity with a value of -1, leading to business logic errors. The exploit can be executed remotely, increasing the risk for potential attacks. The vulnerability has been made public, and the associated identifier is VDB-255583. Organizations using the affected software are advised to apply patches or updates as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.