CVE-2024-24096

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via BookSBIN.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/ASR511-OO7/CVE-2024-24096/blob/main/CVE-20	Third Party Advisory
https://github.com/ASR511-OO7/CVE-2024-24096/blob/main/CVE-20	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:carmelo:computer_book_store:1.0:*:*:*:*:*:*:*

History

10 Apr 2025, 14:17

Type	Values Removed	Values Added
First Time		Carmelo Carmelo computer Book Store
CPE	cpe:2.3:a:code-projects:computer_book_store:1.0:::::::*	cpe:2.3:a:carmelo:computer_book_store:1.0:::::::*

03 Apr 2025, 13:17

Type	Values Removed	Values Added
References	~~() https://github.com/ASR511-OO7/CVE-2024-24096/blob/main/CVE-20 -~~	() https://github.com/ASR511-OO7/CVE-2024-24096/blob/main/CVE-20 - Third Party Advisory
CPE		cpe:2.3:a:code-projects:computer_book_store:1.0:::::::*
First Time		Code-projects Code-projects computer Book Store

Information

Published : 2024-02-27 02:15

Updated : 2025-04-10 14:17

NVD link : CVE-2024-24096

Mitre link : CVE-2024-24096

CVE.ORG link : CVE-2024-24096

JSON object : View

Products Affected

carmelo

computer_book_store

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

7.8 /10