CVE-2024-42361 | Apache HertzBeat up to 1.6.0 {metricFull} sql injection (GHSL-2023-254)

Posted by Angelo Barbosa | Aug 21, 2024 | CVE

A vulnerability has been found in Apache HertzBeat up to 1.6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/monitor/{monitorId}/metric/{metricFull}. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-42361. The attack can be launched remotely. There is no exploit available.

CVE-2024-42361 | Apache HertzBeat up to 1.6.0 {metricFull} sql injection (GHSL-2023-254)

Related Posts

CVE-2024-5238 | Campcodes Complete Web-Based School Management System 1.0 timetable_insert_form.php grade sql injection

CVE-2024-40602 | Tempo Skin up to 1.42.1 on MediaWiki Sidebar Menu cross site scripting

CVE-2024-33976 | Janobe E-Negosyo System 1.0 /admin/user/index.php id cross site scripting

CVE-2024-24161 | MRCMS 3.0 /admin/file/edit.do path path traversal