admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-4996.md

19 lines
872 B
Markdown
Raw Normal View History

Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
### [CVE-2024-4996](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4996)
![](https://img.shields.io/static/v1?label=Product&message=Wapro%20ERP%20Desktop&color=blue)
Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-798%20Use%20of%20Hard-coded%20Credentials&color=brightgreen)
Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
### Description
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90.0.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/defragmentator/mitmsqlproxy
Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00
- https://github.com/fkie-cad/nvd-json-data-feeds
Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
Reference in New Issue Copy Permalink