CVE-2024-8416

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 4, 2024
Updated: Sep 6, 2024
CWE ID 89

Summary

CVE-2024-8416 is a critical vulnerability identified in the SourceCodester Food Ordering Management System version 1.0, specifically affecting the file located at /routers/ticket-status.php. The vulnerability arises from an SQL injection due to improper handling of the ticket_id argument, allowing for potential remote exploitation without requiring authentication. It poses a high risk to organizations by compromising confidentiality, integrity, and availability of data, with a CVSS base score of 9.8 indicating severe impact. To remediate this issue, affected users should update their systems or apply patches provided by SourceCodester as soon as possible. Public disclosure of the exploit increases urgency for organizations to address this vulnerability promptly to mitigate risks associated with unauthorized database access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share