CVE-2024-38882 | Horizon Business Services Caterease up to 24.0.1.2405 SQL Server xp_cmdshell os command injection

Inserito da Angelo Barbosa | Ago 1, 2024 | CVE

A vulnerability classified as critical has been found in Horizon Business Services Caterease up to 24.0.1.2405. Affected is the function xp_cmdshell of the component SQL Server. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-38882. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-38882 | Horizon Business Services Caterease up to 24.0.1.2405 SQL Server xp_cmdshell os command injection

Post correlati

CVE-2022-28652 | Canonical Apport up to 2.20.x settings Billion Laughs xml entity expansion (USN-5427-1)

CVE-2023-46809 | Node.js Crypto Library privateDecrypt Bleichenbacher timing discrepancy

CVE-2024-9350 | DPD Baltic Shipping Plugin up to 1.2.83 on WordPress cross site scripting

CVE-2023-42920 | Claris FileMaker Pro up to 20.1 on macOS Privilege Escalation