CVE-2024-9328
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-9328 is a critical vulnerability in SourceCodester Advocate Office Management System 1.0. The file /control/edit_client.php is susceptible to SQL injection because the id argument is improperly handled. The vulnerability can be exploited remotely without user interaction and may significantly impact the confidentiality, integrity, and availability of the affected system. To remediate this issue, organizations should update to the latest version provided by SourceCodester or implement input validation measures to prevent SQL injection attacks. The low attack complexity combined with the high potential impact makes this a serious threat that could allow unauthorized access to or manipulation of sensitive data. Public disclosure of the exploit increases the urgency for affected organizations to address this vulnerability promptly.