A vulnerability was found in code-projects Responsive Hotel Site 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument name/phone/email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
History

Thu, 29 Aug 2024 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Fabianros
Fabianros responsive Hotel Site
CPEs cpe:2.3:a:fabianros:responsive_hotel_site:1.0:*:*:*:*:*:*:*
Vendors & Products Fabianros
Fabianros responsive Hotel Site

Wed, 28 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Responsive Hotel Site Project
Responsive Hotel Site Project responsive Hotel Site
CPEs cpe:2.3:a:responsive_hotel_site_project:responsive_hotel_site:1.0:*:*:*:*:*:*:*
Vendors & Products Responsive Hotel Site Project
Responsive Hotel Site Project responsive Hotel Site
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 27 Aug 2024 21:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in code-projects Responsive Hotel Site 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument name/phone/email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Title code-projects Responsive Hotel Site index.php sql injection
Weaknesses CWE-89
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-08-27T21:31:04.475Z

Updated: 2024-08-28T14:03:37.918Z

Reserved: 2024-08-27T12:38:20.297Z

Link: CVE-2024-8219

cve-icon Vulnrichment

Updated: 2024-08-28T14:03:29.750Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-27T22:15:05.340

Modified: 2024-08-29T15:35:28.000

Link: CVE-2024-8219

cve-icon Redhat

No data.