CVE-2024-7947

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 20, 2024

CWE ID 89

Summary

CVE-2024-7947 is a newly disclosed critical vulnerability affecting the SourceCodester Point of Sales and Inventory Management System version 1.0. The issue lies within the login.php file and permits attackers to execute SQL injection through manipulation of the email argument. This vulnerability can be exploited remotely, increasing the potential threat to organizations using this software. The exploit for this vulnerability has been made public, making it imperative for users to take immediate action to secure their systems against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x5HX_J
https://www.cve.org/CVERecord?id=CVE-2024-7947
https://nvd.nist.gov/vuln/detail/CVE-2024-7947

Back to Vulnerability Database

CVE-2024-7947

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations