Back

CVE-2024-25528

May 8, 2024, 5:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

RuvarOA

  • v6.01
  • v12.01

Source

cve@mitre.org

Tags

cve@mitre.org
2024-05-08
CVE-2024-25528

CVE-2024-25528 details

Published : May 8, 2024, 5:15 p.m.
Last Modified : May 8, 2024, 5:15 p.m.

Description

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklog_template_show.aspx.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_work_stat_settingaspx cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.