A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in the underlying DB.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Anteeowms
Anteeowms anteeowms |
|
Weaknesses | CWE-89 | |
CPEs | cpe:2.3:a:anteeowms:anteeowms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Anteeowms
Anteeowms anteeowms |
|
Metrics |
cvssV3_1
|
Tue, 08 Oct 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in the underlying DB. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-08T00:00:00
Updated: 2024-10-08T18:31:07.432Z
Reserved: 2024-08-21T00:00:00
Link: CVE-2024-44349
Vulnrichment
Updated: 2024-10-08T18:30:54.730Z
NVD
Status : Received
Published: 2024-10-08T17:15:54.027
Modified: 2024-10-08T19:35:17.550
Link: CVE-2024-44349
Redhat
No data.