CVE-2024-2534
CVSS 3.1 Score 6.3 of 10 (medium)
Details
Published Mar 17, 2024
Updated: May 17, 2024
CWE ID 89
Summary
CVE-2024-2534 is a critical vulnerability affecting the MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It lies in an unspecified part of the /admin/users.php file, where manipulation of the user_id argument can lead to SQL injection. Attacks can be carried out remotely, and the exploit has become publicly disclosed, increasing the risk of potential harm. The identifier for this vulnerability is VDB-256971. Regrettably, the vendor has not responded to disclosure notifications regarding this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share