CVE-2024-2670

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Mar 20, 2024
Updated: Mar 21, 2024
CWE ID 89

Summary

A critical vulnerability, identified as CVE-2024-2670, has been discovered in Campcodes Online Job Finder System 1.0. The vulnerability occurs in an unknown function of the file /admin/vacancy/index.php and can be exploited through remote SQL injection attacks. This exploit has been publicly disclosed and may be actively used. The vulnerability has a risk score of 25 and a base severity of medium. It requires low privileges and user interaction is not required. The impact includes low integrity and confidentiality risks. Organizations using this system are advised to apply appropriate patches or updates to remediate the vulnerability and prevent potential unauthorized access to their database or system resources.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share