Lucene search

CVE-2024-25525

🗓️ 08 May 2024 15:08:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 44 Views🌐 WEB

RuvarOA SQL injection vulnerability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2024-25525	8 May 202400:00	–	cvelist
Vulnrichment	CVE-2024-25525	8 May 202400:00	–	vulnrichment
NVD	CVE-2024-25525	8 May 202415:15	–	nvd
CNVD	RuvarOA filename Parameter SQL Injection Vulnerability	10 May 202400:00	–	cnvd

Source	Link
gist	www.gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d

Parameter	Position	Path	Description	CWE
filename	query param	/WorkFlow/OfficeFileDownload.aspx	SQL injection vulnerability via the filename parameter.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 May 2024 15:15Current

8.3High risk

Vulners AI Score8.3

CVSS39.8

EPSS0.00043

SSVC

CWE-89