CVE-2024-8347

Summary

CVE-2024-8347 is a critical vulnerability affecting SourceCodester's Computer Laboratory Management System version 1.0, specifically in the delete_record function within the Master.php file. This vulnerability allows remote attackers to exploit SQL injection by manipulating the argument 'id', potentially compromising confidentiality, integrity, and availability. It has been rated with a CVSS base score of 9.8, indicating severe risk due to the low complexity of the attack and lack of required privileges for exploitation. Organizations using this product should promptly apply available patches or implement workarounds to mitigate the risk associated with this vulnerability. The potential impact includes unauthorized access to sensitive data and disruption of system availability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.