CVE-2024-40456

July 16, 2024, 8:15 p.m.

Tags

cve@mitre.org
2024-07-16
CVE-2024-40456

Product(s) Impacted

ThinkSAAS

  • 3.7.0

Description

ThinkSAAS v3.7.0 was discovered to contain a SQL injection vulnerability via the name parameter at \system\action\update.php.

Weaknesses

Date

Published: July 16, 2024, 8:15 p.m.

Last Modified: July 16, 2024, 8:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://www.notion.so/ThinkSAAS-administrator-backend-SQL-injection-3a5c8c72fc374446892f8dc81ec94923?pvs=4
cve@mitre.org