CVE-2024-7643

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 12, 2024

Updated: Aug 15, 2024

CWE ID 89

Summary

CVE-2024-7643 is a critical vulnerability affecting the SourceCodester Leads Manager Tool 1.0. This issue lies within the Delete Leads Handler component, specifically the /endpoint/delete-leads.php file. An attacker can take advantage of this SQL injection vulnerability by manipulating the 'leads' argument, allowing remote code execution. The exploit for this vulnerability has been made public, making it a significant threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xnAjk1
https://www.cve.org/CVERecord?id=CVE-2024-7643
https://nvd.nist.gov/vuln/detail/CVE-2024-7643

Back to Vulnerability Database

CVE-2024-7643

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations