Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-22856

Published: 22/04/2024 Updated: 22/04/2024

Vulnerability Summary

A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal >= v.3.0 allows authenticated malicious users to execute unintended queries and disclose sensitive information from DB tables via crafted requests.

References

https://www.4rth4s.xyz/2024/04/cve-2024-22856-authenticated-blind-sql.htmlhttps://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook