CVE-2024-9039

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Sep 20, 2024
Updated: Sep 26, 2024
CWE ID 89

Summary

CVE-2024-9039 is a critical vulnerability affecting the SourceCodester Best House Rental Management System version 1.0, specifically within the /ajax.php?action=signup file. This vulnerability allows for SQL injection through manipulation of the firstname, lastname, or email parameters, which can be exploited remotely without authentication. The impact on confidentiality and integrity is assessed as low, although it poses a significant risk due to its ease of exploitation and potential for unauthorized database access. Organizations using this system are advised to implement patches or workarounds as soon as possible to mitigate the risk associated with this vulnerability. The exploit has been publicly disclosed, increasing urgency for remediation efforts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share