CVE-2024-2999

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 27, 2024

Updated: May 17, 2024

CWE ID 522

Summary

CVE-2024-2999 is a newly disclosed critical vulnerability affecting the Campcodes Online Art Gallery Management System 1.0. The issue lies within the /admin/adminHome.php file, where a sql injection vulnerability can be triggered by manipulating the uname argument. This vulnerability allows for remote attacks, meaning an unauthorized user can exploit it from outside the system. The exploit for this vulnerability has been made public, increasing the risk for potential attacks. The vulnerability has been assigned the identifier VDB-258201 by the Vulnerability Database.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vJ_tg0
https://www.cve.org/CVERecord?id=CVE-2024-2999
https://nvd.nist.gov/vuln/detail/CVE-2024-2999

Back to Vulnerability Database

CVE-2024-2999

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations