CVE-2024-7449

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 4, 2024
Updated: Aug 5, 2024
CWE ID 89

Summary

CVE-2024-7449 is a critical vulnerability affecting the Placement Management System 1.0. This issue lies within an unnamed function in the login.php file. Manipulation of the email argument leads to a SQL injection vulnerability, allowing attackers to launch remote attacks. The exploit for this vulnerability has been made public, increasing the risk of exploitation. The identifier for this vulnerability is VDB-273540.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share