CVE-2024-24496
CVE-2024-24496
Vexday Risk Score
53Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 9.8EPSS 19.5%KEV nãoPoC públicaPatch —
Lifecycle
08 Feb 2024Published on NVD
02 Apr 2024Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/51954unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →