CVE-2024-2418

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 13, 2024
Updated: Jun 18, 2024
CWE ID 787

Summary

CVE-2024-2418 is a newly disclosed critical vulnerability affecting the SourceCodester Best POS Management System 1.0. The issue lies within an unknown functionality of the file /view_order.php, which is susceptible to SQL injection. By manipulating the id argument, attackers can exploit this vulnerability remotely, potentially gaining unauthorized access to sensitive data. The exploit for this vulnerability has been made public, increasing the risk of widespread attacks. The Vulnerability Database has assigned the identifier VDB-256705 to this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share