Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9c7g-8m6v-j7h8

Опубликовано: 12 нояб. 2024
Источник: github
Github: Не прошло ревью
CVSS4: 5.1
CVSS3: 4.7

Описание

A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Ссылки

EPSS

Процентиль: 26%
0.00092
Низкий

5.1 Medium

CVSS4

4.7 Medium

CVSS3

CVE ID

CVE-2024-11124

Дефекты

CWE-74
CWE-89

Связанные уязвимости

nvd логотип

CVE-2024-11124

CVSS3: 4.7
nvd
около 1 года назад

A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

fstec логотип

BDU:2024-10337

CVSS3: 7.2
fstec
около 1 года назад

Уязвимость компонента /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r программного средства для автоматической генерации интегрированного пользовательского интерфейса в Umbraco UI-O-Matic, позволяющая нарушителю выполнить произвольный SQL-код

EPSS

Процентиль: 26%
0.00092
Низкий

5.1 Medium

CVSS4

4.7 Medium

CVSS3

CVE ID

CVE-2024-11124

Дефекты

CWE-74
CWE-89