CVE-2024-4991

Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_pass/aksi_pass.php parameter in nama_lengkap. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in it.

CVSS

No CVSS.

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-siadmin

Configurations

No configuration.

History

16 May 2024, 13:03

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-16 12:15

Updated : 2024-05-16 13:03

NVD link : CVE-2024-4991

Mitre link : CVE-2024-4991

JSON object : View

Products Affected

No product.

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

JSON object

Attach tags to CVE-2024-4991

Attach tags to `CVE-2024-4991`