Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/26 12:26 a.m.8 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

9.8CVSS8AI score0.01149EPSS
Exploits1References1
Circl
Circl
added 2025/02/24 6:26 p.m.8 views

CVE-2024-54820

creationtimestamp| type| source ---|---|--- 2025-02-24 18:26:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5191 2025-02-24 19:13:59+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/114060456043650622 2025-02-24 19:14:04+00:00| seen|...

9.8CVSS5.3AI score0.01149EPSS
Exploits1References10
NVD
NVD
added 2025/02/24 6:15 p.m.16 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

9.8CVSS0.01149EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/24 12:0 a.m.8 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

8.3AI score0.01149EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/24 12:0 a.m.15 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

0.01149EPSS
Exploits1References2
CVE
CVE
added 2025/02/24 12:0 a.m.57 views

CVE-2024-54820

XOne Web Monitor has an unauthenticated SQL injection in the login path. Affects version 02.10.2024.530 and framework 1.0.4.9, exploitable via the login endpoint (e.g. /webcore/api/itf/DoAction) where the where clause on LOGIN can be manipulated to enumerate all usernames and passwords. Evidence ...

9.8CVSS8.1AI score0.01149EPSS
Exploits1References2
Rows per page
Query Builder