CVE-2024-51818

CVSS 3.1 Score 9.3 of 10 (high)

Details

Published Jan 21, 2025

CWE ID 89

Summary

CVE-2024-51818 is a newly disclosed SQL Injection vulnerability affecting NotFound Fancy Product Designer. The flaw stems from improper handling of special elements in SQL commands, allowing unauthorized users to inject malicious SQL statements. This issue poses a serious threat, as an attacker could manipulate, delete or modify sensitive data. NotFound Fancy Product Designer versions from n/a through 6.4.3 are reportedly affected. It is essential that users update to the latest, secure version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fancy Product Designer

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/0MEkQ9
https://www.cve.org/CVERecord?id=CVE-2024-51818
https://nvd.nist.gov/vuln/detail/CVE-2024-51818

Back to Vulnerability Database

CVE-2024-51818

CVSS 3.1 Score 9.3 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations