Lucene search

K
cve[email protected]CVE-2024-35374
HistoryMay 24, 2024 - 9:15 p.m.

CVE-2024-35374

2024-05-2421:15:59
web.nvd.nist.gov
41
mocodo online
sql injection
remote code execution

8.5 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution (RCE) under certain conditions.

8.5 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

Related for CVE-2024-35374