CVE-2024-7119
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-7119 is a critical vulnerability affecting MD-MAFUJUL-HASAN's Online-Payroll-Management-System up to September 11, 2023. This issue lies in an unknown functionality of the file /employee_viewmore.php, which can be exploited through SQL injection by manipulating the argument id. The vulnerability allows remote attacks and has been publicly disclosed, increasing the risk for exploitation. The product employs continuous delivery with rolling releases, making it unclear which versions are affected or have been updated. VDB-272450 identifies this vulnerability, and the vendor was contacted about the disclosure but did not respond.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.