CVE-2024-8949
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-8949 is a high-severity vulnerability identified in SourceCodester Online Eyewear Shop version 1.0, specifically affecting the Cart Content Handler component within the /classes/Master.php file. This vulnerability allows for improper ownership management due to the manipulation of the cart_id/id argument, which can be exploited remotely. The potential impact includes high confidentiality, integrity, and availability risks for affected organizations, as an attacker could gain unauthorized access to sensitive information or functionalities. Remediation efforts should focus on updating the affected software version or applying appropriate security patches to mitigate exploitation risks. The vulnerability has been publicly disclosed, increasing the urgency for organizations to address it promptly.
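The ownership check that this class of flaw lacks, shown as an added example that is not code from Master.php or from the vendor: a cart update keyed only on the request-supplied id, next to one that also binds the row to the session's customer. The `cart_list` table, its columns, and the function names are assumptions made for illustration, and the rows are constructed sample data held in an in-memory SQLite database.

```php
<?php
// Added example with a hypothetical schema; not the application's own code.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE cart_list (
    id INTEGER PRIMARY KEY, customer_id INTEGER, product_id INTEGER, quantity INTEGER)');
// Constructed sample rows: cart row 1 belongs to customer 10, row 2 to customer 20.
$db->exec('INSERT INTO cart_list VALUES (1, 10, 501, 1), (2, 20, 502, 3)');

// Weak pattern: the row is selected by the client-supplied id alone,
// so any authenticated user can change any other user's cart row.
function update_cart_unscoped(PDO $db, int $cartId, int $qty): int {
    $st = $db->prepare('UPDATE cart_list SET quantity = ? WHERE id = ?');
    $st->execute([$qty, $cartId]);
    return $st->rowCount();
}

// Hardened pattern: the owner is taken from server-side session state
// (never from the request) and is part of the WHERE clause.
function update_cart_scoped(PDO $db, int $sessionCustomerId, int $cartId, int $qty): int {
    if ($qty < 1) {
        throw new InvalidArgumentException('quantity must be a positive integer');
    }
    $st = $db->prepare(
        'UPDATE cart_list SET quantity = ? WHERE id = ? AND customer_id = ?');
    $st->execute([$qty, $cartId, $sessionCustomerId]);
    // Zero affected rows means "not found or not yours": reject and log the attempt.
    return $st->rowCount();
}

function cart_quantity(PDO $db, int $cartId): int {
    $st = $db->prepare('SELECT quantity FROM cart_list WHERE id = ?');
    $st->execute([$cartId]);
    return (int) $st->fetchColumn();
}

// The session belongs to customer 10; the request names cart row 2 (customer 20).
$sessionCustomerId = 10;
$changed = update_cart_scoped($db, $sessionCustomerId, 2, 99);
printf("scoped:   rows changed=%d, row 2 quantity=%d\n", $changed, cart_quantity($db, 2));

$changed = update_cart_unscoped($db, 2, 99);
printf("unscoped: rows changed=%d, row 2 quantity=%d\n", $changed, cart_quantity($db, 2));
```

The same owner binding applies to every statement that takes a cart id from the request, including deletes and reads.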