CVE-2024-1702

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Feb 21, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-1702 is a critical vulnerability affecting the PHP-MYSQL-User-Login-System 1.0, specifically an unknown functionality in the /edit.php file. This issue results in SQL injection, enabling remote attackers to manipulate data or gain unauthorized access. The exploit for this vulnerability has been disclosed to the public, increasing the risk of exploitation. Vendor communication regarding this disclosure was unsuccessful. (VDB-254390)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/umNx1T
https://www.cve.org/CVERecord?id=CVE-2024-1702
https://nvd.nist.gov/vuln/detail/CVE-2024-1702

Back to Vulnerability Database

CVE-2024-1702

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations