CVE-2024-3347

Summary

CVE-2024-3347 is a critical vulnerability found in SourceCodester Airline Ticket Reservation System 1.0, specifically in the file activate_jet_details_form_handler.php. It can be exploited remotely through SQL injection by manipulating the "jet_id" argument. The exploit has been disclosed to the public and may be utilized by attackers. The associated vulnerability identifier is VDB-259451. This vulnerability has a base severity of HIGH and a base score of 7.3 according to CVSS version 3.1. The potential impact includes low integrity and confidentiality impacts, with an availability impact also being low. It does not require privileges or user interaction to exploit and can be carried out over a network. The remediation for this vulnerability is not specified in the provided information, but organizations using SourceCodester Airline Ticket Reservation System 1.0 should promptly address this issue to prevent potential unauthorized access and data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.