CVE-2024-39173 | calculator-boilerplate 1.0 /routes/calculator.js eval input injection

Inserito da Angelo Barbosa | Lug 18, 2024 | CVE

A vulnerability, which was classified as critical, was found in calculator-boilerplate 1.0. Affected is the function eval of the file /routes/calculator.js. The manipulation of the argument input leads to injection.

This vulnerability is traded as CVE-2024-39173. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-39173 | calculator-boilerplate 1.0 /routes/calculator.js eval input injection

Post correlati

CVE-2023-35876 | WooCommerce Square Plugin up to 3.8.1 on WordPress authorization

CVE-2023-3964 | GitLab prior 16.4.3/16.5.3/16.6.1 Composer Package access control

CVE-2024-27187 | Joomla CMS up to 4.4.6/5.1.2 Username access control

CVE-2024-34062 | tqdm up to 4.66.2 injection (GHSA-g7vv-2v7x-gj9p)