Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This occurs when the application fails to properly sanitize user inputs, allowing attackers to manipulate SQL queries by injecting malicious SQL statements into URL parameters. By exploiting this vulnerability, an attacker could gain unauthorized access to the database, retrieve sensitive information, modify or delete data, and execute arbitrary commands.
Metrics
Affected Vendors & Products
References
History
Thu, 23 Jan 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Lang-learn-guy
Lang-learn-guy learning With Texts |
|
CPEs | cpe:2.3:a:lang-learn-guy:learning_with_texts:2.0.3:*:*:*:*:*:*:* | |
Vendors & Products |
Learning With Texts Project
Learning With Texts Project learning With Texts |
Lang-learn-guy
Lang-learn-guy learning With Texts |
Tue, 29 Oct 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Learning With Texts Project
Learning With Texts Project learning With Texts |
|
CPEs | cpe:2.3:a:learning_with_texts_project:learning_with_texts:2.0.3:*:*:*:*:*:*:* | |
Vendors & Products |
Learning With Texts Project
Learning With Texts Project learning With Texts |
Mon, 21 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Learning With Texts
Learning With Texts learning With Texts |
|
Weaknesses | CWE-89 | |
CPEs | cpe:2.3:a:learning_with_texts:learning_with_texts:2.0.3:*:*:*:*:*:*:* | |
Vendors & Products |
Learning With Texts
Learning With Texts learning With Texts |
|
Metrics |
cvssV3_1
|
Mon, 21 Oct 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This occurs when the application fails to properly sanitize user inputs, allowing attackers to manipulate SQL queries by injecting malicious SQL statements into URL parameters. By exploiting this vulnerability, an attacker could gain unauthorized access to the database, retrieve sensitive information, modify or delete data, and execute arbitrary commands. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published: 2024-10-21T00:00:00
Updated: 2024-10-21T19:48:20.097Z
Reserved: 2024-10-08T00:00:00
Link: CVE-2024-48509

Updated: 2024-10-21T19:48:09.532Z

Status : Analyzed
Published: 2024-10-21T20:15:14.943
Modified: 2025-01-23T16:50:03.787
Link: CVE-2024-48509

No data.