CVE-2024-8167

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Aug 26, 2024
CWE ID 89

Summary

CVE-2024-8167 is a critical vulnerability found in the Job Portal 1.0 application from code-projects, specifically affecting the /forget.php file due to improper handling of email/mobile arguments, which allows for SQL injection attacks that can be executed remotely. The vulnerability poses a high danger to organizations as it can potentially compromise data integrity and confidentiality with an exploitability score of 3.9 and a base severity rating of 7.3. Remediation steps include updating the application code to properly sanitize inputs to prevent SQL injection vulnerabilities. Organizations are advised to monitor for any unusual activity and apply security patches as soon as they become available. Public disclosure of the exploit heightens the urgency for affected users to address this vulnerability swiftly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share