CVE-2024-6414 | Parsec Automation TrakSYS 11.x.x Export Page TS/export/contentpage ID direct request

Inserito da Angelo Barbosa | Giu 29, 2024 | CVE

A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Affected is an unknown function of the file TS/export/contentpage of the component Export Page. The manipulation of the argument ID leads to direct request.

This vulnerability is traded as CVE-2024-6414. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6414 | Parsec Automation TrakSYS 11.x.x Export Page TS/export/contentpage ID direct request

Post correlati

CVE-2023-6113 | WP STAGING Backup Plugin on WordPress Backup Process information disclosure

CVE-2024-35291 | Chris Younger Splunk Config Explorer up to 1.7.15 cross site scripting

CVE-2024-36422 | FlowiseAI Flowise up to 1.4.3 404 Page api/v1/chatflows/id cross site scripting (GHSL-2023-232)

CVE-2024-1929 | dnf5daemon-server up to 5.1.9 Configuration Dictionary Local Privilege Escalation