CVE-2024-8344

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Aug 30, 2024
Updated: Sep 3, 2024
CWE ID 89

Summary

CVE-2024-8344 is a critical vulnerability affecting Campcodes Supplier Management System version 1.0, specifically in the file /admin/edit_area.php, where manipulation of the argument 'id' can lead to SQL injection attacks. This vulnerability can be exploited remotely, posing a risk of unauthorized access to the database and potential data breaches. Organizations using this software should remediate the issue by updating to a patched version provided by Campcodes and ensuring robust input validation practices are in place. The vulnerability has been publicly disclosed, which increases the urgency for affected users to implement security measures. The CVSS score for this vulnerability is 6.3, indicating medium severity with low authentication requirements for exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share