CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-25514

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the template_id parameter at /SysManage/wf_template_child_field_list.aspx.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.3%

CVSS Severity

CVSS v3 Score 9.4

References

https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_template_child_field_listaspx
https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#wf_template_child_field_listaspx

Products affected by CVE-2024-25514

Ruvar » Ruvaroa » Version: 12.01

cpe:2.3:a:ruvar:ruvaroa:12.01
Ruvar » Ruvaroa » Version: 6.01

cpe:2.3:a:ruvar:ruvaroa:6.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-25514

Products

Pricing

Contact Us