Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-4658

Oct. 15, 2024, 12:58 p.m.

Product(s) Impacted

Nova CMS

  • before 5.0

Description

SQL Injection: Hibernate vulnerability in TE Informatics Nova CMS allows SQL Injection.This issue affects Nova CMS: before 5.0.

Weaknesses

CWE-564
SQL Injection: Hibernate

Using Hibernate to execute a dynamic SQL statement built with user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.

CWE ID: 564

Date

Published: Oct. 10, 2024, 2:15 p.m.

Last Modified: Oct. 15, 2024, 12:58 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

iletisim@usom.gov.tr

References

https://www.usom.gov.tr/ iletisim@usom.gov.tr