CVE-2024-57095

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jan 24, 2025

Updated: Feb 5, 2025

CWE ID 89

Summary

CVE-2024-57095 is a newly disclosed SQL injection vulnerability affecting Go-CMS version 1.1.10. An attacker can exploit this weakness by delivering a crafted SQL payload, potentially gaining unauthorized access to sensitive data or executing arbitrary code on the targeted system. This issue poses a significant risk, as it can be exploited remotely. Go-CMS users are advised to update their software to the latest version as soon as possible to mitigate this threat. Failure to do so may leave systems vulnerable to SQL injection attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2T4_Xl
https://www.cve.org/CVERecord?id=CVE-2024-57095
https://nvd.nist.gov/vuln/detail/CVE-2024-57095

Back to Vulnerability Database

CVE-2024-57095

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations