SQL Injection Vulnerability in MAGESH-K21 Online-College Event Hall Reservation System
CVE-2024-2534

9.8CRITICAL

Key Information:

Vendor

MAGESH-K21 Online-College-Event-Hall-Reservation-System

Status
Online-college-event-hall-reservation-system
Vendor
CVE Published:
17 March 2024

What is CVE-2024-2534?

A critical SQL injection vulnerability exists in MAGESH-K21's Online-College-Event-Hall-Reservation-System version 1.0, specifically in the admin panel file /admin/users.php. This security flaw allows for the manipulation of the user_id parameter, potentially enabling attackers to execute remote attacks that compromise user data and the integrity of the database. The exploit has been publicly disclosed, posing significant risk to any installations of the affected software. Immediate action is recommended to patch this vulnerability and mitigate potential breaches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://vuldb.com/?id.256971
https://vuldb.com/?ctiid.256971
https://github.com/skid-nochizplz/skid-nochizplz/blob/mai...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

JSON
.