CVE-2024-5357

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published May 26, 2024

Updated: Jun 7, 2024

CWE ID 89

Summary

CVE-2024-5357 is a newly disclosed critical vulnerability affecting the PHPGurukul Zoo Management System version 2.1. The issue lies within an unknown functionality of the /admin/forgot-password.php file, allowing an attacker to execute SQL injection attacks. Manipulation of the email argument can be exploited remotely, making this vulnerability a serious concern. The exploit for this flaw has been made public, increasing the risk of potential attacks. VDB-266269 has been assigned to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

PHPGurukul Zoo Management System

Affected Vendors

Phpgurukul

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wGtXk4
https://www.cve.org/CVERecord?id=CVE-2024-5357
https://nvd.nist.gov/vuln/detail/CVE-2024-5357

Back to Vulnerability Database