CVE-2024-9317

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Sep 28, 2024
Updated: Oct 1, 2024
CWE ID 89

Summary

CVE-2024-9317 is a critical vulnerability identified in SourceCodester Online Eyewear Shop version 1.0, affecting the delete_category function in the /classes/Master.php file. Manipulating the 'id' argument leads to SQL injection, and the attack can be launched remotely. Organizations using this software may face unauthorized data access or manipulation as a result. To remediate the issue, users are advised to update to a patched version of the software and implement input validation measures to prevent SQL injection attacks. The CVSS score for this vulnerability is 6.3, indicating medium severity, with low attack complexity and no user interaction required.
