CVE-2024-2282

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Mar 8, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-2282 is a critical vulnerability affecting the boyiddha Automated-Mess-Management-System 1.0. The issue lies in the processing of the /index.php component's Login Page, where manipulation of the argument useremail can result in SQL injection. This vulnerability can be exploited remotely and the exploit has been disclosed to the public. The identifier VDB-256049 has been assigned to this issue. Unfortunately, the vendor was contacted about this disclosure but did not respond.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uy3hWf
https://www.cve.org/CVERecord?id=CVE-2024-2282
https://nvd.nist.gov/vuln/detail/CVE-2024-2282

Back to Vulnerability Database

CVE-2024-2282

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations