CVSS 3.1 Score 9.8 of 10 (high)


Published Feb 15, 2024


CVE-2024-26264 is a cyber vulnerability affecting EBM Technologies RISWEB's specific query function parameter, allowing remote attackers to inject SQL commands without authentication. This vulnerability enables them to read, modify, and delete database records. The affected product is EBM Technologies RISWEB. To remediate this issue, it is recommended to implement proper input validation and restrict user access to the feature page. The potential danger posed by this vulnerability is high, as it can lead to unauthorized access and manipulation of sensitive database information, compromising the confidentiality and integrity of an organization's data.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-26264 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options