SQL Injection Vulnerability in SourceCodester Modern Loan Management System
CVE-2024-9090
9.8CRITICAL
Key Information:
- Vendor
SourceCodester
- Vendor
- CVE Published:
- 23 September 2024
What is CVE-2024-9090?
A security vulnerability has been identified in the SourceCodester Modern Loan Management System version 1.0, specifically within the file search_member.php. This vulnerability allows an attacker to manipulate the searchMember argument, resulting in SQL injection attacks. Such vulnerabilities can be exploited remotely, posing a significant risk to environments utilizing this software. Since the exploit information has been publicly disclosed, organizations are urged to assess their systems for this vulnerability and implement necessary security measures to protect against potential database breaches.