CVE-2024-0463

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 12, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-0463 is a critical vulnerability affecting the code-projects Online Faculty Clearance 1.0 software. This issue lies in the HTTP POST Request Handler's /production/admin_view_info.php component, where manipulation of the 'haydi' argument can lead to SQL injection. The exploit can be launched remotely, and the vulnerability has been disclosed to the public, posing a significant risk. This security flaw, identified as VDB-250568, allows attackers to inject malicious SQL commands into the system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uHmiIN
https://www.cve.org/CVERecord?id=CVE-2024-0463
https://nvd.nist.gov/vuln/detail/CVE-2024-0463

Back to Vulnerability Database

CVE-2024-0463

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations