CVE-2024-7168

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 28, 2024
Updated: Aug 12, 2024
CWE ID 89

Summary

CVE-2024-7168 is a newly disclosed critical vulnerability affecting the SourceCodester School Fees Payment System 1.0. This issue lies within an unknown functionality of the /manage_user.php file, enabling an attacker to perform SQL injection through manipulation of the id argument. The vulnerability can be exploited remotely, and the exploit has been made public. Vulnerability database VDB assigns the identifier VDB-272582 to this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share