CVE-2024-51326
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 4, 2024
Updated: Nov 6, 2024
CWE ID 89
Summary
CVE-2024-51326 is a newly discovered SQL Injection vulnerability affecting the Travel management System v.1.0 by projectworlds. This issue enables remote attackers to execute arbitrary code by exploiting a weakness in the 't2' parameter found in the deletesubcategory.php file. Successful exploitation could lead to significant data breaches or system takeovers, making it crucial for users to update their systems as soon as a patch becomes available.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share