Lucene search

CVE-2024-30851

🗓️ 03 May 2024 17:07:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 41 Views🌐 WEB

Directory Traversal vulnerability in Jasmin Ransomware v.1.0.

Reporter	Title	Published	Views	Family All 10
Cvelist	CVE-2024-30851	3 May 202400:00	–	cvelist
Vulnrichment	CVE-2024-30851	3 May 202400:00	–	vulnrichment
Metasploit	Jasmin Ransomware Web Server Unauthenticated Directory Traversal	4 May 202419:56	–	metasploit
Metasploit	Jasmin Ransomware Web Server Unauthenticated SQL Injection	4 May 202419:56	–	metasploit
NVD	CVE-2024-30851	3 May 202417:15	–	nvd
Packet Storm	Jasmin Ransomware Web Server Unauthenticated Directory Traversal	31 Aug 202400:00	–	packetstorm
Packet Storm	Jasmin Ransomware 1.1 Arbitrary File Read	5 Apr 202400:00	–	packetstorm
Packet Storm	Jasmin Ransomware Web Server Unauthenticated SQL Injection	31 Aug 202400:00	–	packetstorm
Rapid7 Blog	Metasploit Weekly Wrap-Up 05/31/2024	31 May 202418:32	–	rapid7blog
GithubExploit	Exploit for CVE-2024-30851	4 Apr 202422:59	–	githubexploit

Source	Link
github	www.github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc
github	www.github.com/codesiddhant/Jasmin-Ransomware

Parameter	Position	Path	Description	CWE
username	request body	/checklogin.php	Unauthenticated SQL injection vulnerability allows an attacker to manipulate the login process.	CWE-89
password	request body	/checklogin.php	Unauthenticated SQL injection vulnerability allows an attacker to manipulate the login process.	CWE-89
service	request body	/checklogin.php	Unauthenticated SQL injection vulnerability allows an attacker to manipulate the login process.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 May 2024 17:15Current

8.9High risk

Vulners AI Score8.9

CVSS36.5

EPSS0.004

SSVC

CWE-22