CVE-2024-2674

Summary

A critical vulnerability, identified as CVE-2024-2674, has been discovered in Campcodes Online Job Finder System 1.0. The vulnerability involves SQL injection, which can be exploited remotely through the manipulation of the argument id in the /admin/employee/index.php file. This exploit has been made public, posing a potential danger to organizations using this system. The vulnerability has a CVSS score of 6.5, indicating a medium severity level. It requires low privileges and does not require user interaction, making it easier for attackers to exploit. Remediation measures should be taken promptly to mitigate the risk associated with this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.