4 matches found
CVE-2023-39424
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content such as a web shell component to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but c...
CVE-2023-39424
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content such as a web shell component to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but c...
CVE-2023-39424
CVE-2023-39424 affects the RDPngFileUpload.dll component used by the IRM Next Generation booking system. The vulnerability allows a remote attacker to upload arbitrary content (e.g., a web shell) to the SQL database and execute it with SYSTEM privileges. Authentication is required for exploitatio...
CVE-2023-39424 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in RDPngFileUpload.dll
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content such as a web shell component to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but c...