SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp component.
References
Configurations
No configuration.
History
21 Nov 2024, 09:12
Type | Values Removed | Values Added |
---|---|---|
References | () http://cloud.com - | |
References | () http://www.minipacs.com/ylqxrj - | |
References | () https://github.com/WarmBrew/web_vul/blob/main/Cloud%20based%20customer%20service/SQLi.md - |
15 Aug 2024, 17:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-89 |
14 May 2024, 16:13
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-14 15:23
Updated : 2024-11-21 09:12
NVD link : CVE-2024-30801
Mitre link : CVE-2024-30801
CVE.ORG link : CVE-2024-30801
JSON object : View
Products Affected
No product.
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')