CVE-2024-6013

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 15, 2024

Updated: Jul 19, 2024

CWE ID 89

Summary

CVE-2024-6013 is a critical vulnerability affecting the admin_delete.php file in the Online Book Store 1.0 software. The issue arises from improper handling of user input in the bookisbn argument, leading to SQL injection. This vulnerability can be exploited remotely, allowing unauthorized access to sensitive data or even system takeover. The exploit for this vulnerability has been made public, increasing the risk of attacks. The Vulnerability Database (VDB) has assigned the identifier VDB-268721 to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Itsourcecode Online Book Store

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/weRkDW
https://www.cve.org/CVERecord?id=CVE-2024-6013
https://nvd.nist.gov/vuln/detail/CVE-2024-6013

Back to Vulnerability Database

CVE-2024-6013

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations