CVE-2024-25507 | RuvarOA 6.01/12.01 /LHMail/AttachDown.aspx email_attach_id sql injection

Posted by Angelo Barbosa | May 7, 2024 | CVE

A vulnerability was found in RuvarOA 6.01/12.01. It has been rated as critical. This issue affects some unknown processing of the file /LHMail/AttachDown.aspx. The manipulation of the argument email_attach_id leads to sql injection.

The identification of this vulnerability is CVE-2024-25507. The attack may be initiated remotely. There is no exploit available.

CVE-2024-25507 | RuvarOA 6.01/12.01 /LHMail/AttachDown.aspx email_attach_id sql injection

Related Posts

CVE-2024-43033 | JPress up to 5.1.1 on Windows AttachmentController unrestricted upload (Issue 188)

CVE-2024-39676 | Apache Pinot 0.x information disclosure

CVE-2024-38583 | Linux Kernel up to 6.9.2 nilfs2 sc_timer use after free

CVE-2024-7198 | SourceCodester Complaints Report Management System 1.0 manage_station.php id sql injection