CVE-2024-0288

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 8, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-0288 is a newly disclosed critical vulnerability affecting Kashipara Food Management System 1.0. The issue lies within the rawstock_used_damaged_submit.php file, and attackers can manipulate the product_name argument to execute SQL injection. This vulnerability allows remote attacks, meaning an assailant does not need to have local access to exploit it. The exploit for this issue has been made public, increasing the risk of it being used maliciously. The vulnerability has been assigned the identifier VDB-249849 by Vulnerability Database.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uDsAOu
https://www.cve.org/CVERecord?id=CVE-2024-0288
https://nvd.nist.gov/vuln/detail/CVE-2024-0288

Back to Vulnerability Database

CVE-2024-0288

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations