CVE-2024-6967

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 22, 2024
Updated: Jul 25, 2024
CWE ID 89

Summary

CVE-2024-6967 is a critical vulnerability affecting the SourceCodester Employee and Visitor Gate Pass Logging System 1.0. The issue lies within the /employee_gatepass/admin/manage_employee endpoint, where manipulation of the id argument can result in SQL injection. This vulnerability allows remote attackers to initiate the attack, making it a significant security risk. The exploit for this vulnerability, identified as VDB-272121, has been disclosed to the public, increasing the likelihood of its exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share