Vulnerability CVE-2024-9560
Published: 2024-10-06   Modified: 2024-10-07

Description:
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is the function delCatelogs of the file /CDGServer3/document/Catelogs;logindojojs?command=DelCatelogs. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Type:

CWE-89

 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://vuldb.com/?id.279368
https://vuldb.com/?ctiid.279368
https://vuldb.com/?submit.414475
https://flowus.cn/share/38f64855-27ec-4170-ac78-f29ca595901e?code=G8A6P3
Copyright 2024, cxsecurity.com

 

Back to Top