6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Sep 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
6shr System Project
6shr System Project 6shr System |
|
CPEs | cpe:2.3:a:6shr_system_project:6shr_system:*:*:*:*:*:*:*:* | |
Vendors & Products |
6shr System Project
6shr System Project 6shr System |
Fri, 30 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Gethertechnology
Gethertechnology 6shr |
|
CPEs | cpe:2.3:a:gethertechnology:6shr:*:*:*:*:*:*:*:* | |
Vendors & Products |
Gethertechnology
Gethertechnology 6shr |
|
Metrics |
ssvc
|
Fri, 30 Aug 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | 6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents. | |
Title | Gether Technology 6SHR System - SQL Injection | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2024-08-30T02:24:46.598Z
Updated: 2024-08-30T14:15:08.118Z
Reserved: 2024-08-30T01:25:06.659Z
Link: CVE-2024-8329
Vulnrichment
Updated: 2024-08-30T14:14:49.421Z
NVD
Status : Analyzed
Published: 2024-08-30T03:15:04.463
Modified: 2024-09-05T13:40:38.080
Link: CVE-2024-8329
Redhat
No data.