CVE-2024-2355

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 10, 2024
Updated: May 17, 2024

Summary

CVE-2024-2355 is a newly disclosed vulnerability affecting the keerti1924 Secret-Coder-PHP-Project 1.0 software. This issue lies in an unknown functionality of the file /secret_coder.sql, leading to sensitive information being included in the source code. An attacker can exploit this remotely, given the complexity and difficulty level of the attack. Although the exploit has been made public, the vendor has yet to respond to disclosure notifications. This vulnerability, identified as VDB-256315, poses a significant risk and requires immediate attention from users.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share