CVE-2024-52335
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Dec 6, 2024
CWE ID 89
Summary
CVE-2024-52335 is a newly discovered vulnerability affecting syngo.plaza VB30E versions prior to VB30E_HF05. The issue lies in the application's failure to properly sanitize user input before sending it to an SQL server. An attacker with access to the application could exploit this flaw to execute malicious SQL commands, potentially leading to a comprehensive database compromise.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share