CVE-2024-9009

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Sep 20, 2024
Updated: Sep 25, 2024
CWE ID 89

Summary

CVE-2024-9009 is a critical vulnerability found in the Online Quiz Site version 1.0, specifically affecting the processing of the file showtest.php, which is susceptible to SQL injection due to improper handling of the subid argument. This vulnerability can be exploited remotely, allowing attackers to manipulate database queries and potentially extract sensitive information or compromise system integrity. Remediation efforts should include updating the affected software to a patched version and implementing secure coding practices to prevent SQL injection attacks. Organizations using this software are at risk of data breaches and unauthorized access, with potential impacts on confidentiality and integrity. The vulnerability has been publicly disclosed, increasing the urgency for affected users to address it promptly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share