CVE-2024-38882 | Horizon Business Services Caterease up to 24.0.1.2405 SQL Server xp_cmdshell os command injection

Posted by Angelo Barbosa | Aug 1, 2024 | CVE

A vulnerability classified as critical has been found in Horizon Business Services Caterease up to 24.0.1.2405. Affected is the function xp_cmdshell of the component SQL Server. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-38882. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-38882 | Horizon Business Services Caterease up to 24.0.1.2405 SQL Server xp_cmdshell os command injection

Related Posts

CVE-2024-7698 | Phoenix Contact FL MGUARD 2102 CSRF Token improper removal of sensitive information before storage or transfer (VDE-2024-039)

CVE-2024-42500 | HPE HP-UX ONCplus prior B.11.31.24 NFSv4 Services denial of service

CVE-2024-1767 | Blocksy Plugin up to 2.0.26 on WordPress cross site scripting

CVE-2024-29082 | Vonets VGA-1000 up to 3.3.23.6.9 access control (icsa-24-214-08)