CVE-2024-7115

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 26, 2024

Updated: Aug 8, 2024

CWE ID 89

Summary

CVE-2024-7115 is a newly disclosed critical vulnerability affecting the MD-MAFUJUL-HASAN Online-Payroll-Management-System up to September 11, 2023. The issue lies in unknown code of the file /designation_viewmore.php and allows for sql injection through the manipulation of the id argument. This vulnerability can be exploited remotely, making it a significant risk. Unfortunately, no version details of affected or updated releases have been made available by the vendor, who did not respond to early disclosure attempts. This vulnerability, identified as VDB-272446, has been disclosed to the public and may be actively exploited.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database