A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/dos-m0nk3y/CVE/tree/main/CVE-2024-48573 |
History
Wed, 30 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Aquila
Aquila cms |
|
Weaknesses | CWE-89 | |
CPEs | cpe:2.3:a:aquila:cms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Aquila
Aquila cms |
|
Metrics |
cvssV3_1
|
Tue, 29 Oct 2024 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-29T00:00:00
Updated: 2024-10-30T14:32:14.596Z
Reserved: 2024-10-08T00:00:00
Link: CVE-2024-48573
Vulnrichment
Updated: 2024-10-30T14:27:33.400Z
NVD
Status : Received
Published: 2024-10-29T22:15:04.003
Modified: 2024-10-30T15:35:21.227
Link: CVE-2024-48573
Redhat
No data.