CVE-2024-10660 | ESAFENET CDG 5 HookService.java deleteHook hookId sql injection

Posted by Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the argument hookId leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-10660. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-10660 | ESAFENET CDG 5 HookService.java deleteHook hookId sql injection

Related Posts

CVE-2024-23253 | Apple macOS up to 14.3 Photo Library permission

CVE-2023-42832 | Apple macOS Software Update Privilege Escalation

CVE-2024-40096 | com.cascadialabs.who 15.0 on Android information disclosure

CVE-2024-39154 | idcCMS 1.35 keyWord_deal.php cross-site request forgery