| |
Vulnerability CVE-2024-8329
Published: 2024-08-30
| Description: |
6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents. |
Type:
CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
References: |
https://www.twcert.org.tw/tw/cp-132-8030-e2eac-1.html
https://www.twcert.org.tw/en/cp-139-8034-657b7-2.html
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|