CVE-2024-4748 | CRUDDIY up to 202312.1 POST Request command injection

Posted by Angelo Barbosa | Jun 24, 2024 | CVE

A vulnerability was found in CRUDDIY up to 202312.1 and classified as critical. This issue affects some unknown processing of the component POST Request Handler. The manipulation leads to command injection.

The identification of this vulnerability is CVE-2024-4748. The attack may be initiated remotely. There is no exploit available.

CVE-2024-4748 | CRUDDIY up to 202312.1 POST Request command injection

Related Posts

CVE-2024-38039 | Esri Portal for ArcGIS up to 10.9.1/11.1 on ArcGIS Link cross site scripting

CVE-2024-31803 | emp-ot 0.2.4 read_pre_data128_from_file buffer overflow

CVE-2024-34075 | xiboon kurwov up to 3.2.4 MarkovData#getNext deserialization

CVE-2024-7908 | TOTOLINK EX1200L 9.3.5u.6146_B20201023 /www/cgi-bin/cstecgi.cgi setDefResponse IpAddress stack-based overflow