CVE-2024-6953

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 21, 2024

Updated: Jul 22, 2024

CWE ID 89

Summary

CVE-2024-6953 is a critical vulnerability affecting the Tailoring Management System 1.0. The issue arises from improper processing of the argument "customer" in the file "sms.php", leading to SQL injection. An attacker can exploit this remotely, gaining unauthorized access to sensitive information or potentially executing malicious code. The vulnerability has been made public, increasing the risk of exploitation. The associated identifier for this issue is VDB-272075.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Tailoring Management System

Affected Vendors

Itsourcecode

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xIu0Hp
https://www.cve.org/CVERecord?id=CVE-2024-6953
https://nvd.nist.gov/vuln/detail/CVE-2024-6953

Back to Vulnerability Database