CVE-2024-52724
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-52724 refers to a recently discovered SQL injection vulnerability in the ZZCMS 2023 content management system. The flaw is located in the /q/show.php file, which unfortunately leaves this part of the software open to attack. Malicious actors can exploit the issue by injecting malicious SQL commands into the input fields, enabling them to extract, modify, or delete sensitive data from the database. This kind of vulnerability can lead to serious security breaches and unauthorized access, underscoring the importance of keeping all software up-to-date with the latest security patches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.