CVE-2024-25512 | RuvarOA 6.01/12.01 AttachDownLoad.aspx attach_id sql injection

Inserito da Angelo Barbosa | Mag 7, 2024 | CVE

A vulnerability was found in RuvarOA 6.01/12.01. It has been classified as critical. This affects an unknown part of the file /Bulletin/AttachDownLoad.aspx. The manipulation of the argument attach_id leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-25512. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-25512 | RuvarOA 6.01/12.01 AttachDownLoad.aspx attach_id sql injection

Post correlati

CVE-2023-51094 | Tenda M3 1.0.0.12(4856) TendaTelnet Privilege Escalation

CVE-2023-50873 | Marios Alexandrou Add Any Extension to Pages Plugin up to 1.4 on WordPress cross-site request forgery

CVE-2024-5668 | Lightbox & Modal Popup Plugin up to 2.7.28 on WordPress HTML Data Attribute HTML injection

CVE-2024-33271 | FME Modules eventsmanager Module up to 4.3.x on PrestaShop ps_customer information disclosure