Lucene search
CERT-PLCVELIST:CVE-2024-3816HistoryJun 28, 2024 - 12:45 p.m.
CVE-2024-3816 SQLi in S@M CMS
2024-06-2812:45:29
CWE-89
CERT-PL
www.cve.org
1
cve-2024-3816
sql injection
s@m cms
0.0004 Low
EPSS
Percentile
9.1%
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar.
Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.
CNA Affected
[
{
"defaultStatus": "unknown",
"product": "S@M CMS",
"vendor": "Concept Intermedia",
"versions": [
{
"lessThanOrEqual": "3.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]
