cve/CVE-2024-43415.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio 1fb02038e8 Update CVE sources 2025-09-29 16:08

2025-09-29 16:08:36 +00:00

Description

An improper neutralization of special elements used in an SQL command in the papertrail/version- model of the decidim_awesome-module <= v0.11.1 (> 0.9.0) allows an authenticated admin user to manipulate sql queries to disclose information, read and write files or execute commands.

POC

Reference

https://pentest.ait.ac.at/security-advisory/decidim-awesome-sql-injection-in-adminaccountability

Github

No PoCs found on GitHub currently.

980 B Raw Blame History

CVE-2024-43415

Description

POC

Reference

Github

980 B

Raw Blame History