CVE-2024-10611 | ESAFENET CDG 5 PrintScreenListService.java delProtocol id sql injection

Posted by Angelo Barbosa | Oct 31, 2024 | CVE

A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection.

The identification of this vulnerability is CVE-2024-10611. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-10611 | ESAFENET CDG 5 PrintScreenListService.java delProtocol id sql injection

Related Posts

CVE-2024-6963 | Tenda O3 1.0.0.10 formexeCommand cmdinput stack-based overflow

CVE-2024-6725 | Formidable Forms Plugin up to 6.11.1 on WordPress cross site scripting

CVE-2024-2072 | SourceCodester Flashcard Quiz App 1.0 update-flashcard.php question/answer cross site scripting

CVE-2024-20118 | MediaTek MT8792 Mms write-what-where condition (MSV-1621 / ALPS09062392)