CVE-2024-24140

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jan 29, 2024

Updated: Feb 2, 2024

CWE ID 89

Summary

CVE-2024-24140 is a vulnerability affecting the Sourcecodester Daily Habit Tracker App version 1.0. An SQL injection issue is present in this application, allowing malicious users to inject malicious SQL statements through the 'tracker' parameter. Successful exploitation could result in unauthorized access to sensitive data, modification of data, or even complete system takeover. Users are advised to update to the latest version of the app or implement appropriate input validation measures to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uRmVgQ
https://www.cve.org/CVERecord?id=CVE-2024-24140
https://nvd.nist.gov/vuln/detail/CVE-2024-24140

Back to Vulnerability Database

CVE-2024-24140

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations