CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-2584

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.0%

CVSS Severity

CVSS v3 Score 8.2

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss

Products affected by CVE-2024-2584

Amss++ Project » Amss++ » Version: 4.31

cpe:2.3:a:amss++_project:amss++:4.31

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-2584

Products

Pricing

Contact Us