CVE-2024-9081
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-9081 is a critical vulnerability identified in SourceCodester Online Eyewear Shop version 1.0, which allows for SQL injection through manipulation of the 'id' argument in the view_category.php file. This vulnerability can be exploited remotely with no required privileges or user interaction, posing a significant risk to the confidentiality of data within affected systems. Organizations utilizing this software may face data breaches or unauthorized access if remediation steps are not taken promptly. It is recommended that users apply patches or updates provided by the vendor and implement web application firewalls to mitigate potential exploits. The vulnerability has been publicly disclosed, increasing its exposure to potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.