CVE-2024-8219

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Aug 27, 2024
Updated: Aug 29, 2024
CWE ID 89

Summary

CVE-2024-8219 identifies a critical SQL injection vulnerability in the Responsive Hotel Site 1.0, specifically affecting the index.php file where improper handling of arguments such as name, phone, and email allows remote exploitation. This flaw can lead to unauthorized access and manipulation of database contents. To mitigate this risk, it is recommended that users update to a patched version of the software or implement input validation measures to sanitize user inputs effectively. The vulnerability has been publicly disclosed, increasing the urgency for affected organizations to act. The potential impact includes low confidentiality and integrity risks but poses a significant threat due to its ease of exploitation without requiring user interaction or special privileges.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share