CVE-2024-7374

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 2, 2024

Updated: Aug 9, 2024

CWE ID 89

Summary

CVE-2024-7374 is a newly disclosed critical vulnerability affecting the SourceCodester Simple Realtime Quiz System 1.0. The issue lies in the manipulation of the id argument in the /manage_user.php file, leading to a sql injection vulnerability. An attacker can exploit this remotely, making it a significant security risk. The exploit for this vulnerability (VDB-273358) has been made public, increasing the likelihood of it being used maliciously.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Simple Realtime Quiz System

Affected Vendors

Sourcecodester

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xZJkCv
https://www.cve.org/CVERecord?id=CVE-2024-7374
https://nvd.nist.gov/vuln/detail/CVE-2024-7374

Back to Vulnerability Database