CVE-2024-7668

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Aug 12, 2024
Updated: Aug 15, 2024
CWE ID 89

Summary

CVE-2024-7668 is a newly identified critical vulnerability in the SourceCodester Car Driving School Management System 1.0. The issue lies within the delete_package function of the Master.php file, which is susceptible to SQL injection. By manipulating the id argument, an attacker can inject malicious SQL codes, leading to unauthorized data access or modification. This vulnerability can be exploited remotely, increasing the risk to organizations using this software. The exploit for this vulnerability has been disclosed to the public, making it essential for users to apply the necessary patches as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share