A vulnerability was found in code-projects Responsive Hotel Site 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument name/phone/email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://code-projects.org/ | Product |
https://github.com/t4rrega/cve/issues/8 | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.275928 | Permissions Required |
https://vuldb.com/?id.275928 | Third Party Advisory |
https://vuldb.com/?submit.398205 | Third Party Advisory |
Configurations
History
29 Aug 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:a:fabianros:responsive_hotel_site:1.0:*:*:*:*:*:*:* | |
References | () https://code-projects.org/ - Product | |
References | () https://github.com/t4rrega/cve/issues/8 - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.275928 - Permissions Required | |
References | () https://vuldb.com/?id.275928 - Third Party Advisory | |
References | () https://vuldb.com/?submit.398205 - Third Party Advisory | |
First Time |
Fabianros
Fabianros responsive Hotel Site |
28 Aug 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Aug 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-27 22:15
Updated : 2024-08-29 15:35
NVD link : CVE-2024-8219
Mitre link : CVE-2024-8219
CVE.ORG link : CVE-2024-8219
JSON object : View
Products Affected
fabianros
- responsive_hotel_site
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')