Key Information Vulnerability ID: - VDB-27622 - CVE-2024-8343 Vulnerability Name: - SourceCodester Sentiment Based Movie Rating System 1.0 User Registration Users.php Email SQL Injection CVSS Meta Temp Score: - 6.9 Current Vulnerability Price: - $0-$5k CTI Interest Score: - 3.86 Affected Component: - User Registration Handler Affected File: - /classes/Users.php?f=save_client Vulnerability Description: - The vulnerability exists in the User Registration Handler component of SourceCodester Sentiment Based Movie Rating System 1.0, caused by untrusted input in the email parameter, leading to an SQL injection vulnerability. Vulnerability Type: - SQL Injection (CWE-89) Vulnerability Impact: - Affects unknown functionality of the file, potentially leading to SQL injection, compromising data confidentiality, integrity, and availability. Vulnerability Disclosure: - Publicly disclosed, potentially exploitable. Exploitability: - Low difficulty to exploit, can be performed remotely, no authentication required. Exploit Tools: - Publicly available, downloadable from GitHub. Recommended Mitigation: - Replace the affected component. Related Links GitHub Vulnerability Page CVE-2024-8343 Additional Information Release Date: - 1997-2024 License: - CC BY-NC-SA