CVE-2024-22856
April 22, 2024, 1:28 p.m.
Tags
Product(s) Impacted
Axefinance Axe Credit Portal
- >= v.3.0
Description
A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal >= v.3.0 allows authenticated attackers to execute unintended queries and disclose sensitive information from DB tables via crafted requests.
Weaknesses
Date
Published: April 22, 2024, 12:15 p.m.
Last Modified: April 22, 2024, 1:28 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://www.4rth4s.xyz/
cve@mitre.org