HiBOS v3.0.3.151204 vulnerable to SQL injection via manager/conference/calendar_remind.php
CVE-2024-39072

5.5MEDIUM

Key Information:

Vendor: AMTT Hotel
Vendor: CVE Published:; 9 July 2024

What is CVE-2024-39072?

The AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204 contains a vulnerability that can be exploited through SQL injection. This vulnerability occurs specifically in the manager/conference/calendar_remind.php file, allowing malicious users to execute unauthorized SQL commands. Such exploitation could lead to unauthorized access to sensitive database information, compromising the integrity and confidentiality of user data. Organizations utilizing this version of HiBOS should take immediate action to remediate this security flaw to protect their systems from potential attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://gist.github.com/Y5neKO/4c15581606c118aa2172afd3b8...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024

JSON

AMTT Hotel

What is CVE-2024-39072?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.