CVE-2024-9081

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 22, 2024
Updated: Sep 27, 2024
CWE ID 89

Summary

CVE-2024-9081 is a critical vulnerability identified in SourceCodester Online Eyewear Shop version 1.0, which allows for SQL injection through manipulation of the 'id' argument in the view_category.php file. This vulnerability can be exploited remotely with no required privileges or user interaction, posing a significant risk to the confidentiality of data within affected systems. Organizations utilizing this software may face data breaches or unauthorized access if remediation steps are not taken promptly. It is recommended that users apply patches or updates provided by the vendor and implement web application firewalls to mitigate potential exploits. The vulnerability has been publicly disclosed, increasing its exposure to potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share