CVE-2024-50994

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Nov 5, 2024

CWE ID 120

Summary

CVE-2024-10844 is a critical vulnerability affecting the file search.php in the 1000 Projects Bookstore Management System 1.0. The issue involves the manipulation of the s argument, which leads to SQL injection. This vulnerability allows remote attackers to initiate the exploit, potentially gaining unauthorized access to sensitive data or even taking control of the system. The exploit for this vulnerability has been disclosed to the public and may be used maliciously. System administrators are strongly advised to apply the necessary patches or updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

R8 500

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/z7RoEa
https://www.cve.org/CVERecord?id=CVE-2024-50994
https://nvd.nist.gov/vuln/detail/CVE-2024-50994

Back to Vulnerability Database

CVE-2024-50994

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations