CVE-2024-9085
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-9085 is a critical vulnerability found in the Restaurant Reservation System 1.0, which affects the processing of the file index.php, leading to SQL injection via manipulation of the argument "date." This vulnerability allows remote attacks without requiring user interaction or authentication, posing a significant risk to confidentiality, integrity, and availability of the affected system. The base severity score is rated at 9.8 on the CVSS scale, indicating a high potential for exploitation. Organizations using this software should remediate the issue by applying any available patches or updates from the vendor and reviewing their input validation processes to prevent SQL injection attacks. The vulnerability has been publicly disclosed, increasing its likelihood of being exploited by malicious actors.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.