CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2024/11/29 8:15 p.m.•17 views

CVE-2024-53505

A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent...

9.8CVSS0.00123EPSS

Exploits1References2

OSV•added 2024/11/29 8:15 p.m.•4 views

CVE-2024-53505

A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent...

9.8CVSS8AI score

Exploits0References2

Vulnrichment•added 2024/11/29 12:0 a.m.•10 views

CVE-2024-53505

A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent...

8AI score0.00123EPSS

Exploits1References2

Cvelist•added 2024/11/29 12:0 a.m.•14 views

CVE-2024-53505

A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent...

0.00123EPSS

Exploits1References2

CVE•added 2024/11/29 12:0 a.m.•64 views

CVE-2024-53505

Siyuan 3.1.11 is affected by a SQL injection in the /getAssetContent API via the id parameter. Root cause: unsanitized id leads to injection; impact per CVSS v3.1 is CRITICAL (Confidentiality, Integrity, Availability) with a base score of 9.8. No patch details are provided in the documents; a pra...

9.8CVSS8AI score0.00123EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2024/11/29 12:0 a.m.•2 views

PT-2024-35765 · Siyuan · Siyuan

Name of the Vulnerable Software and Affected Versions: Siyuan version 3.1.11 Description: A SQL injection issue has been identified. It occurs through the id parameter at the "/getAssetContent" API endpoint. Recommendations: For Siyuan version 3.1.11, as a temporary workaround, consider restricti...

9.8CVSS8AI score0.00123EPSS

Exploits1References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by