CVE-2024-2153

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Mar 4, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-2153 is a critical vulnerability affecting the SourceCodester Online Mobile Management Store 1.0. An unknown part of the file /admin/orders/view_order.php contains a SQL injection vulnerability, which can be triggered by manipulating the id argument. This issue allows remote attackers to initiate the exploit, potentially gaining unauthorized access to sensitive data. The vulnerability, identified as VDB-255585, has been publicly disclosed, increasing the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uvcT1S
https://www.cve.org/CVERecord?id=CVE-2024-2153
https://nvd.nist.gov/vuln/detail/CVE-2024-2153

Back to Vulnerability Database

CVE-2024-2153

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations