CVE-2024-4799

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published May 14, 2024

Updated: Jun 4, 2024

CWE ID 89

Summary

CVE-2024-4799 is a recently disclosed critical vulnerability affecting Kashipara College Management System 1.0. The issue lies in the file view_each_faculty.php where an sql injection vulnerability can be exploited. By manipulating the argument id, an attacker can inject malicious SQL commands, which can lead to unauthorized data access or system compromise. Remotely initiating this attack is possible, making it a significant threat. The exploit for this vulnerability, identified as VDB-263919, has been made public, increasing the risk of potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v4sF6C
https://www.cve.org/CVERecord?id=CVE-2024-4799
https://nvd.nist.gov/vuln/detail/CVE-2024-4799

Back to Vulnerability Database

CVE-2024-4799

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations