CVE-2024-2069

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Mar 1, 2024

Updated: May 17, 2024

CWE ID 122

Summary

CVE-2024-2069 is a newly disclosed critical vulnerability affecting the SourceCodester FAQ Management System version 1.0. An unknown function in the file /endpoint/delete-faq.php is susceptible to SQL injection attacks. Malicious actors can manipulate the argument faq to execute malicious SQL queries, which may lead to unauthorized data access or system compromise. The exploit is publicly known, increasing the risk of attacks. It is recommended that users of this software upgrade to a patched version as soon as possible. (VDB-255384)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uFf9Dt
https://www.cve.org/CVERecord?id=CVE-2024-2069
https://nvd.nist.gov/vuln/detail/CVE-2024-2069

Back to Vulnerability Database

CVE-2024-2069

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations