CVE-2024-54283

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 89

Summary

CVE-2024-54283 is a newly disclosed SQL Injection vulnerability affecting SeedProd Pro from all versions up to and including 6.18.10. An attacker can exploit this vulnerability by introducing malicious SQL commands, which may result in unauthorized access to sensitive data or even complete database takeover. The issue arises due to SeedProd LLC's failure to properly neutralize special elements in SQL commands, compromising the security of affected installations. Users are advised to update their SeedProd Pro installations to the latest patched version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1KKXmn
https://www.cve.org/CVERecord?id=CVE-2024-54283
https://nvd.nist.gov/vuln/detail/CVE-2024-54283

Back to Vulnerability Database

CVE-2024-54283

CVSS 3.1 Score 7.6 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations