CVE-2024-55460

Summary

CVE-2024-55460 is a time-based SQL injection vulnerability discovered in the login page of BoardRoom Limited's Dividend Distribution Tax Election System Version 2.0. This issue enables attackers to inject malicious SQL code by manipulating the time component of an input field. By exploiting this vulnerability, attackers can gain unauthorized access to sensitive data or execute arbitrary code, potentially leading to serious data breaches or system compromises. This flaw poses a significant threat to organizations using the affected system and emphasizes the importance of implementing proper input validation techniques and keeping software up-to-date to mitigate such risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.