CVE-2024-7273

A vulnerability classified as critical was found in itsourcecode Alton Management System 1.0. This vulnerability affects unknown code of the file search.php. The manipulation of the argument rcode leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273142 is the identifier assigned to this vulnerability.
References
Link Resource
https://github.com/DeepMountains/Mirage/blob/main/CVE8-1.md Exploit Technical Description
https://vuldb.com/?ctiid.273142 Permissions Required Third Party Advisory
https://vuldb.com/?id.273142 Third Party Advisory
https://vuldb.com/?submit.381089 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:adonesevangelista:restaurant_management_system:1.0:*:*:*:*:*:*:*

History

13 Aug 2024, 16:10

Type Values Removed Values Added
First Time Adonesevangelista
Adonesevangelista restaurant Management System
References () https://github.com/DeepMountains/Mirage/blob/main/CVE8-1.md - () https://github.com/DeepMountains/Mirage/blob/main/CVE8-1.md - Exploit, Technical Description
References () https://vuldb.com/?ctiid.273142 - () https://vuldb.com/?ctiid.273142 - Permissions Required, Third Party Advisory
References () https://vuldb.com/?id.273142 - () https://vuldb.com/?id.273142 - Third Party Advisory
References () https://vuldb.com/?submit.381089 - () https://vuldb.com/?submit.381089 - Third Party Advisory
CVSS v2 : 6.5
v3 : 6.3
v2 : 6.5
v3 : 9.8
CPE cpe:2.3:a:adonesevangelista:restaurant_management_system:1.0:*:*:*:*:*:*:*

31 Jul 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad fue encontrada en itsourcecode Alton Management System 1.0 y clasificada como crítica. Esta vulnerabilidad afecta a un código desconocido del archivo search.php. La manipulación del argumento rcode conduce a la inyección de SQL. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al público y puede utilizarse. VDB-273142 es el identificador asignado a esta vulnerabilidad.

30 Jul 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-30 21:15

Updated : 2024-08-13 16:10


NVD link : CVE-2024-7273

Mitre link : CVE-2024-7273

CVE.ORG link : CVE-2024-7273


JSON object : View

Products Affected

adonesevangelista

  • restaurant_management_system
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')