CVE-2024-7455

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 4, 2024
Updated: Aug 5, 2024
CWE ID 89

Summary

CVE-2024-7455 is a critical vulnerability affecting the Tailoring Management System 1.0. An unknown part of the file partedit.php contains a flaw that allows sql injection through the manipulation of the argument id. This issue can be exploited remotely, and the code for an exploit has been made public. The vulnerability, identified as VDB-273549, can lead to unauthorized access or data manipulation. System administrators are advised to apply the available patch or workaround immediately to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Tailoring Management System

Affected Vendors

  • Itsourcecode