Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-32136

Published: 15/04/2024 Updated: 15/04/2024

Vulnerability Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a up to and including 2.0.3.

Github Repositories

https://github.com/xbz0n/CVE-2024-32136

CVE-2024-32136 Exploit Title: BWL Advanced FAQ Manager 203 - Post-Authenticated SQL Injection Date: [Today's Date] Exploit Author: Ivan Spiridonov (xbz0n) Vendor Homepage: [URL of the vendor if available] Software Link: [Direct link to software or plugin] Version: 203 Tested on: [Your tested environment, eg, specific OS or configuration] CVE : CVE-2024-32136 SQL Inje

References

CWE-89https://patchstack.com/database/vulnerability/bwl-advanced-faq-manager/wordpress-bwl-advanced-faq-manager-plugin-2-0-3-sql-injection-vulnerability?_s_id=cvehttps://nvd.nist.govhttps://github.com/xbz0n/CVE-2024-32136
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook