CVE-2024-7274

A vulnerability, which was classified as critical, has been found in itsourcecode Alton Management System 1.0. This issue affects some unknown processing of the file /reservation_status.php. The manipulation of the argument rcode leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273143.

Published: Jul 31, 2024
Updated: Aug 14, 2024
CVE: CVE-2024-7274
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
adonesevangelista / restaurant_management_system	1.0	1.0.x

https://github.com/DeepMountains/Mirage/blob/main/CVE8-2.md
https://vuldb.com/?ctiid.273143
https://vuldb.com/?id.273143
https://vuldb.com/?submit.381091

Vulnerability Database

CVE-2024-7274

Deep Security Visibility Without the Complexity