6 matches found
CVE-2024-54820
XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...
CVE-2024-54820
creationtimestamp| type| source ---|---|--- 2025-02-24 18:26:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5191 2025-02-24 19:13:59+00:00| seen| https://infosec.exchange/users/DarkWebInformer/statuses/114060456043650622 2025-02-24 19:14:04+00:00| seen|...
CVE-2024-54820
XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...
CVE-2024-54820
XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...
CVE-2024-54820
XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...
CVE-2024-54820
XOne Web Monitor has an unauthenticated SQL injection in the login path. Affects version 02.10.2024.530 and framework 1.0.4.9, exploitable via the login endpoint (e.g. /webcore/api/itf/DoAction) where the where clause on LOGIN can be manipulated to enumerate all usernames and passwords. Evidence ...