Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-3373

Sept. 30, 2024, 12:45 p.m.

Tags

CWE-89
iletisim@usom.gov.tr
2024-09-27
CVE-2024-3373

Product(s) Impacted

RSM Design Website Template

  • before 1.2

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RSM Design Website Template allows SQL Injection.This issue affects Website Template: before 1.2.

Weaknesses

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

CWE ID: 89

Date

Published: Sept. 27, 2024, 3:15 p.m.

Last Modified: Sept. 30, 2024, 12:45 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

iletisim@usom.gov.tr

References

https://www.usom.gov.tr/ iletisim@usom.gov.tr