3 matches found
CVE-2024-24110
SQL Injection vulnerability in crmebjava before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to the component /api/front/spread/people...
CVE-2024-24110
CVE-2024-24110 affects crmeb_java prior to v1.3.4. Affected component is the GET endpoint /api/front/spread/people, where an attacker can trigger an SQL injection to run arbitrary SQL commands. The issue is documented across multiple sources (NVD/Red Hat/OSV) with the same description. Impact is ...
CVE-2024-24110
SQL Injection vulnerability in crmebjava before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to the component /api/front/spread/people...