CVE-2024-11837

CVE-2024-11837 describes a N1QL Injection in PlexTrac, affecting versions before 2.8.1 (from 1.61.3). Root cause: improper neutralization of special elements in N1QL commands. Impact as cited: high/critical in CVSS metrics, including potential confidentiality, integrity, and availability impact. ...

CVE-2024-11837 N1QL Injection

Improper Neutralization of Special Elements used in an N1QL Command 'N1QL Injection' vulnerability in PlexTrac allows N1QL Injection.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

PlexTrac 安全漏洞

PlexTrac is a penetration test reporting and management platform from PlexTrac Inc. in the United States. A security vulnerability exists in PlexTrac versions prior to 1.61.3 through 2.8.1 that stems from an untrustworthy data deserialization vulnerability in the Runbook module, which allows obje...

PT-2024-17285 · Plextrac · Plextrac

Name of the Vulnerable Software and Affected Versions: PlexTrac versions 1.61.3 through 2.8.1 Description: The issue affects PlexTrac due to an external control of file name or path vulnerability, allowing local code inclusion through the use of an undocumented API endpoint. Recommendations: For...