CVE-2024-7446

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Aug 3, 2024
Updated: Aug 9, 2024
CWE ID 89

Summary

CVE-2024-7446 is a critical vulnerability identified in the Ticket Reservation System 1.0. This issue lies within the file list_tickets.php, and it enables attackers to perform SQL injection by manipulating the prefSeat_id argument. The exploit can be initiated remotely, making it a significant threat. The vulnerability details have been made public, increasing the risk of potential attacks. Another identifier for this vulnerability is VDB-273531.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share