CVE-2024-2531
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-2531 is a newly disclosed critical vulnerability affecting the MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0. An unknown function in the /admin/update-rooms.php file has been identified as the culprit, leading to an unrestricted upload vulnerability. This issue allows remote attackers to manipulate the system, potentially causing significant damage. The exploit for this vulnerability, identified as VDB-256968, has been made public, increasing the risk of exploitation. Sadly, the vendor has not responded to early disclosure efforts, leaving users potentially vulnerable.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Hotel Management System Project