SQL Injection Flaw in PuneethReddyHC Online Shopping System
CVE-2024-40498

Currently unrated

Key Information:

Vendor: PuneethReddyHC
Status: Online Shopping System
Vendor: CVE Published:; 5 August 2024

🔔 Create PuneethReddyHC Vulnerability Alert

What is CVE-2024-40498?

An SQL Injection vulnerability exists in the PuneethReddyHC Online Shopping System version 1.0. This flaw allows remote attackers to execute arbitrary SQL code through the register.php endpoint, potentially leading to unauthorized data access and manipulation. If exploited, attackers could compromise the integrity and confidentiality of user data within the online shopping environment, making it essential for users and administrators to apply necessary security patches and preventive measures.

References

https://github.com/Dirac231/CVE-2024-40498

EPSS Score

9% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 5, 2024
Vulnerability Reserved
Jul 5, 2024

JSON