CVE-2024-6957

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 21, 2024
Updated: Jul 22, 2024
CWE ID 89

Summary

CVE-2024-6957 is a newly disclosed critical vulnerability affecting the University Management System 1.0 from itsourcecode. The issue lies within the file functions.php, specifically the component Login. An attacker can leverage sql injection by manipulating the argument username. This vulnerability allows remote exploitation, increasing the risk for potential data breaches. The exploit has been made public, heightening the urgency for affected organizations to apply patches and secure their systems. The associated identifier for this vulnerability is VDB-272079.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share