CVE-2024-7289

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 31, 2024
Updated: Aug 13, 2024
CWE ID 89

Summary

CVE-2024-7289 is a critical vulnerability affecting the SourceCodester Establishment Billing Management System version 1.0. An unknown functionality in the file /manage_payment.php is susceptible to SQL injection, allowing attackers to manipulate arguments and potentially gain unauthorized access. The vulnerability can be exploited remotely, making it a significant threat. The exploit has been publicly disclosed, increasing the risk of attacks. VDB-273158 is the identifier assigned to this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Establishment Billing Management System