CVE-2024-6065

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 17, 2024

Updated: Aug 8, 2024

CWE ID 89

Summary

CVE-2024-6065 is a newly disclosed critical vulnerability affecting the Bakery Online Ordering System 1.0. The issue lies in the processing of the file index.php, where the argument user_email is susceptible to SQL injection. This vulnerability allows remote attackers to manipulate queries, potentially gaining unauthorized access to sensitive data. The exploit has been made public, increasing the risk of exploitation. The Vulnerability Database has assigned the identifier VDB-268793 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/whHvHr
https://www.cve.org/CVERecord?id=CVE-2024-6065
https://nvd.nist.gov/vuln/detail/CVE-2024-6065

Back to Vulnerability Database

CVE-2024-6065

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations