CVE-2024-8139

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Aug 25, 2024
Updated: Aug 26, 2024
CWE ID 89

Summary

CVE-2024-8139 is a critical vulnerability affecting the itsourcecode E-Commerce Website 1.0, specifically in the search_list.php file, which is susceptible to SQL injection through user input manipulation. This vulnerability can be exploited remotely with low complexity and does not require user interaction, posing potential risks to data confidentiality and integrity. Users are recommended to apply immediate patches or updates to mitigate the risk associated with this vulnerability. The exploit has been publicly disclosed, increasing the urgency of remediation efforts for organizations using this software. The CVSS base score for this vulnerability is 6.3, indicating a medium severity level.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share