CVE-2024-9085

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 22, 2024
Updated: Sep 27, 2024
CWE ID 89

Summary

CVE-2024-9085 is a critical vulnerability found in the Restaurant Reservation System 1.0, which affects the processing of the file index.php, leading to SQL injection via manipulation of the argument "date." This vulnerability allows remote attacks without requiring user interaction or authentication, posing a significant risk to confidentiality, integrity, and availability of the affected system. The base severity score is rated at 9.8 on the CVSS scale, indicating a high potential for exploitation. Organizations using this software should remediate the issue by applying any available patches or updates from the vendor and reviewing their input validation processes to prevent SQL injection attacks. The vulnerability has been publicly disclosed, increasing its likelihood of being exploited by malicious actors.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share