SQL Injection Vulnerability in SourceCodester Lot Reservation Management System
CVE-2024-7222

9.8CRITICAL

Key Information:

Vendor: Oretnom23
Status: Lot Reservation Management System
Vendor: CVE Published:; 30 July 2024

What is CVE-2024-7222?

A vulnerability exists in the SourceCodester Lot Reservation Management System, specifically within the '/home.php' file. This flaw is due to improper handling of input parameters, allowing for SQL injection attacks that can be executed remotely. Successful exploitation enables attackers to manipulate queries to the database, potentially leading to unauthorized access to sensitive data. The exploit has been publicly disclosed, emphasizing the need for immediate attention and remediation by users of this software version.

References

https://vuldb.com/?id.272802

https://vuldb.com/?ctiid.272802

https://vuldb.com/?submit.380469

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2024

Oretnom23

What is CVE-2024-7222?

References

CVSS V3.1

Timeline