
{
"id": "CVE-2024-28145",
"sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"published": "2024-12-12T14:15:22.467",
"lastModified": "2024-12-13T17:15:06.360",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter \"field\" with the UNION keyword."
},
{
"lang": "es",
"value": "Un atacante no autenticado puede realizar una inyecci\u00f3n SQL accediendo al archivo /class/dbconnect.php y suministrando par\u00e1metros GET maliciosos. Los par\u00e1metros HTTP GET search, table, field y value son vulnerables. Por ejemplo, se puede realizar una inyecci\u00f3n SQL en el par\u00e1metro \"field\" con la palabra clave UNION."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.5,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://r.sec-consult.com/imageaccess",
"source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
},
{
"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
"source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
}
]
}