CVE-2024-8567

Summary

CVE-2024-8567 is a critical vulnerability found in the Itsourcecode Payroll Management System 1.0, specifically affecting the file /ajax.php?action=delete_deductions due to SQL injection through improper handling of the argument id. This vulnerability allows remote attackers to manipulate the system without requiring authentication or user interaction, posing a risk of data integrity and confidentiality breaches. The vulnerability has been publicly disclosed, highlighting its potential for exploitation by malicious actors. Organizations using affected products such as mQTOUl and wbgIOY should apply available security patches or updates as remediation measures to mitigate risks associated with this vulnerability. The exploitability score for this issue is rated at 3.9, indicating a significant potential threat to affected systems, with a CVSS base score of 7.3 reflecting its high severity level.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.