cve/CVE-2024-36840.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio 1fb02038e8 Update CVE sources 2025-09-29 16:08

2025-09-29 16:08:36 +00:00

Description

SQL Injection vulnerability in Boelter Blue System Management v.1.3 allows a remote attacker to execute arbitrary code and obtain sensitive information via the id parameter to news_details.php and location_details.php; and the section parameter to services.php.

POC

Reference

http://seclists.org/fulldisclosure/2024/Jun/0
https://infosec-db.github.io/CyberDepot/vuln_boelter_blue/
https://packetstormsecurity.com/files/178978/Boelter-Blue-System-Management-1.3-SQL-Injection.html
https://sploitus.com/exploit?id=PACKETSTORM:178978

Github

https://github.com/InfoSec-DB/InfoSec-DB
https://github.com/theexploiters/CVE-2024-36840-Exploit

1010 B Raw Blame History

CVE-2024-36840

Description

POC

Reference

Github

1010 B

Raw Blame History