3 matches found
CVE-2024-5524
CVE-2024-5524 is an information-exposure vulnerability in Astrotalks affecting version 10/03/2023, where unregistered users can access internal links without credentials. Reported base metrics: CVSS v3.1, 5.3 (Medium), confidentiality impact Low; exploit status not indicated. Connected sources al...
CVE-2024-5523
CVE-2024-5523 affects Astrotalks and describes an SQL injection flaw in the searchString parameter, exploitable by an authenticated local user. The vulnerability could allow retrieval of all information stored in the database. Details indicate the issue affects Astrotalks as of 10/03/2023; no rem...
CVE-2024-5525
CVE-2024-5525 affects Astrotalks with vulnerable privilege management in the 10/03/2023 version. The described flaw allows a local user to access the application as an administrator without credentials, enabling administrative actions. The connected documents provide high-level impact (confidenti...