CVE-2024-10611 | ESAFENET CDG 5 PrintScreenListService.java delProtocol id sql injection

Posted by Angelo Barbosa | Oct 31, 2024 | CVE

A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection.

The identification of this vulnerability is CVE-2024-10611. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-10611 | ESAFENET CDG 5 PrintScreenListService.java delProtocol id sql injection

Related Posts

CVE-2024-36583 | byondreal accessor up to 1.0.0 prototype pollution

CVE-2024-0656 | Password Protected Plugin up to 2.6.6 on WordPress cross site scripting

CVE-2023-51561 | Foxit PDF Reader PDF File Parser out-of-bounds (ZDI-23-1862)

CVE-2024-2075 | SourceCodester Daily Habit Tracker 1.0 update-tracker.php day cross site scripting