Key Information 1. Vulnerability ID: - VDB-275928 - CVE-2024-8219 2. Vulnerability Name: - Code-Projects Responsive Hotel Site 1.0 Index.php Name/Phone/Email SQL Injection 3. CVSS Meta Temp Score: - 6.9 4. Current Exploit Price: - $0-$5k 5. CTI Interest Score: - 2.13 6. Vulnerability Description: - An SQL injection vulnerability exists in an unknown functionality file . External input affecting the parameters can trigger an SQL injection attack. CWE classifies this issue as CWE-89. 7. Impact Scope: - Affects the file with unknown functionality. - Can be exploited remotely. 8. Exploit Difficulty: - Exploit difficulty is described as easy. 9. Public Disclosure: - The vulnerability has been publicly disclosed and may be exploited. 10. Exploit Code: - Exploit code is publicly available. - Exploit code is PoC (Proof-of-Concept). 11. Technical Details: - Technical details are publicly available. - Targets vulnerable to this issue can be found by searching . 12. Recommended Mitigation: - It is recommended to replace the affected component. 13. Related Vulnerability IDs: - VDB-268858 - VDB-268901 - VDB-269162 - VDB-269620 Summary This vulnerability is an SQL injection flaw affecting the file in Code-Projects Responsive Hotel Site 1.0. The exploit difficulty is low, and both disclosure and proof-of-concept exploit code are publicly available. It is recommended to replace the affected component to prevent further security risks.