PT-2024-37575 · Bethesda · Bethesda Online Reservation System

N3Xu5Cr4Ck37 · Published 2024-06-27 · Updated 2024-08-20 · CVE-2024-6371

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Bethesda Online Reservation System version 1.0

Description: A critical issue has been found in the Bethesda Online Reservation System, affecting unspecified functionality in the file controller.php. Manipulation of the rmtype id argument leads to SQL injection. The attack can be launched remotely.

Recommendations: For version 1.0, consider restricting access to the controller.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the rmtype id argument in the affected functionality until a patch is available.

Weakness Enumeration: SQL injection

Related Identifiers: CVE-2024-6371

Affected Products: Bethesda Online Reservation System