CVE-2024-24525 | EpointWebBuilder 5.1.0-sp1/5.2.1-sp1/5.4.1/5.4.2 URL infoid Privilege Escalation

Posted by Angelo Barbosa | Feb 29, 2024 | CVE

A vulnerability classified as critical has been found in EpointWebBuilder 5.1.0-sp1/5.2.1-sp1/5.4.1/5.4.2. This affects an unknown part of the component URL Handler. The manipulation of the argument infoid leads to Privilege Escalation.

This vulnerability is uniquely identified as CVE-2024-24525. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-24525 | EpointWebBuilder 5.1.0-sp1/5.2.1-sp1/5.4.1/5.4.2 URL infoid Privilege Escalation

Related Posts

CVE-2024-7903 | DedeBIZ 6.3.0 File Extension admin/media_add.php upfile1 unrestricted upload

CVE-2024-24105 | code-projects Computer Science Time Table System 1.0 adminFormvalidation.php sql injection

CVE-2024-36927 | Linux Kernel up to 6.6.30/6.8.9 ipv4 __ip_make_skb uninitialized resource (5db08343ddb1/f5c603ad4e6f/fc1092f51567)

CVE-2024-22714 | Stupid Simple CMS up to 1.2.4 Editing Section cross site scripting