CVE-2024-8219
CVSS 3.1 Score 7.3 of 10 (high)
Details
Summary
CVE-2024-8219 identifies a critical SQL injection vulnerability in the Responsive Hotel Site 1.0, specifically affecting the index.php file where improper handling of arguments such as name, phone, and email allows remote exploitation. This flaw can lead to unauthorized access and manipulation of database contents. To mitigate this risk, it is recommended that users update to a patched version of the software or implement input validation measures to sanitize user inputs effectively. The vulnerability has been publicly disclosed, increasing the urgency for affected organizations to act. The potential impact includes low confidentiality and integrity risks but poses a significant threat due to its ease of exploitation without requiring user interaction or special privileges.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.