mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
77 lines
2.7 KiB
JSON
77 lines
2.7 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2024-41618",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the `transaction_delete_group` function. The vulnerability is due to improper sanitization of user input in the `TrDeleteArr` parameter, which is directly incorporated into an SQL query."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://github.com/moneymanagerex/web-money-manager-ex/issues/51",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/moneymanagerex/web-money-manager-ex/issues/51"
|
|
},
|
|
{
|
|
"url": "https://www.youtube.com/watch?v=JaOrlT9G3yo",
|
|
"refsource": "MISC",
|
|
"name": "https://www.youtube.com/watch?v=JaOrlT9G3yo"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/moneymanagerex/web-money-manager-ex/commit/f2850b295ee21bc299799343a3bc4d004d05651d",
|
|
"url": "https://github.com/moneymanagerex/web-money-manager-ex/commit/f2850b295ee21bc299799343a3bc4d004d05651d"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/moneymanagerex/web-money-manager-ex/releases/tag/v1.2.3",
|
|
"url": "https://github.com/moneymanagerex/web-money-manager-ex/releases/tag/v1.2.3"
|
|
}
|
|
]
|
|
}
|
|
} |