CVE-2024-0784 | biantaibao octopus 1.0 /system/role/list dataScope sql injection

A vulnerability was found in biantaibao octopus 1.0. It has been classified as critical. Affected is an unknown function of the file /system/role/list. The manipulation of the argument dataScope leads to sql injection.

This vulnerability is traded as CVE-2024-0784. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

CVE-2024-0784 | biantaibao octopus 1.0 /system/role/list dataScope sql injection

Related Posts

CVE-2024-37149 | glpi-project glpi up to 10.0.15 file inclusion (GHSA-cwvp-j887-m4xh)

CVE-2023-3286 | easyappointments up to 1.4.x /secretaries authorization

CVE-2024-27401 | Linux Kernel up to 6.8 firewire packet_buffer_get user_length buffer overflow (38762a0763c1)

CVE-2024-22362 | Drupal prior 9.5.0 Structural Element denial of service