SQL Injection Vulnerability in Campcodes Cybercafe Management System
CVE-2024-57162

7.2HIGH

Key Information:

Vendor: Campcodes
Status: Cybercafe Management System
Vendor: CVE Published:; 16 January 2025

What is CVE-2024-57162?

The Campcodes Cybercafe Management System v1.0 has a SQL Injection vulnerability in the view-user-detail.php endpoint. This flaw allows attackers to manipulate database queries, potentially exposing sensitive user information or modifying database entries without proper authorization. Implementing input validation and prepared statements can mitigate this security risk.

References

https://github.com/h1-wh0areu/bug_report/blob/main/cyberc...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 16, 2025
Vulnerability Reserved
Jan 9, 2025