admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-4996.md

18 lines
832 B
Markdown
Raw Normal View History

Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
### [CVE-2024-4996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4996)
![](https://img.shields.io/static/v1?label=Product&message=Wapro%20ERP%20Desktop&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%208.90.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-798%20Use%20of%20Hard-coded%20Credentials&color=brighgreen)
### Description
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90.0.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/defragmentator/mitmsqlproxy
Reference in New Issue Copy Permalink