CVE-2024-0357 | coderd-repos Eva 1.0.0 HTTP POST Request /system/traceLog/page property sql injection

Inserito da Angelo Barbosa | Gen 9, 2024 | CVE

A vulnerability was found in coderd-repos Eva 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /system/traceLog/page of the component HTTP POST Request Handler. The manipulation of the argument property leads to sql injection.

This vulnerability is handled as CVE-2024-0357. The attack needs to be approached within the local network. Furthermore, there is an exploit available.

CVE-2024-0357 | coderd-repos Eva 1.0.0 HTTP POST Request /system/traceLog/page property sql injection

Post correlati

CVE-2024-1795 | Husky Plugin up to 1.3.5.2 on WordPress sql injection

CVE-2024-5455 | Plus Addons for Elementor Plugin up to 5.5.6 on WordPress file inclusion

CVE-2024-21655 | Discourse up to 3.1.3/3.2.0.beta3 resource consumption

CVE-2023-43585 | Zoom Mobile App/Video SDK/Meeting SDK on iOS access control