CVE-2024-8345
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-8345 is a critical vulnerability affecting SourceCodester Music Gallery Site version 1.0, specifically within the file /classes/Users.php?f=delete, where improper handling of the argument 'id' allows for SQL injection attacks. This flaw can potentially be exploited remotely by attackers without requiring any special privileges or user interaction, posing significant risks to an organization's data integrity and confidentiality. The CVSS score for this vulnerability is 9.8, indicating a high level of severity with considerable impacts on availability, integrity, and confidentiality. To remediate this issue, it is advised that organizations update their systems to address this vulnerability as soon as a patch becomes available, and review their database interaction methods to mitigate SQL injection risks. Public knowledge of this exploit may increase the urgency for organizations to secure their systems against potential attacks utilizing this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.