CVE-2024-53480

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 10, 2024
Updated: Dec 12, 2024
CWE ID 89

Summary

CVE-2024-53480: A vulnerability has been identified in Phpgurukul's Beauty Parlour Management System version 1.1. The issue lies in the `login.php` file, which is susceptible to SQL Injection attacks through the `emailcont` parameter. Attackers can exploit this weakness to execute malicious SQL queries and potentially gain unauthorized access to sensitive data. This can lead to privacy breaches, data theft, or even system takeover. Users are advised to upgrade to a patched version of the software to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Phpgurukul Beauty Parlour Management System