5 matches found
CVE-2024-53357
Multiple SQL injection vulnerabilities in EasyVirt DCScope = 8.6.0 and CO2Scope = 1.3.0 allows remote authenticated attackers, with low privileges, to 1 add an admin user via the /api/user/addalias route; 2 modifiy a user via the /api/user/updatealiasroute; 4 delete users via the /api/user/delali...
CVE-2024-53357
creationtimestamp| type| source ---|---|--- 2025-01-31 22:15:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2zkotmw32c 2025-01-31 23:25:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3697 2025-02-01 01:25:43+00:00| seen|...
CVE-2024-53357
Multiple SQL injection vulnerabilities in EasyVirt DCScope = 8.6.0 and CO2Scope = 1.3.0 allows remote authenticated attackers, with low privileges, to 1 add an admin user via the /api/user/addalias route; 2 modifiy a user via the /api/user/updatealiasroute; 4 delete users via the /api/user/delali...
CVE-2024-53357
Multiple SQL injection vulnerabilities in EasyVirt DCScope = 8.6.0 and CO2Scope = 1.3.0 allows remote authenticated attackers, with low privileges, to 1 add an admin user via the /api/user/addalias route; 2 modifiy a user via the /api/user/updatealiasroute; 4 delete users via the /api/user/delali...
CVE-2024-53357
Summary of CVE-2024-53357 : The affected products are EasyVirt DCScope (<= 8.6.0) and EasyVirt CO2Scope (