Vulnerability Details CVE-2024-38882
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.2%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-38882
-
cpe:2.3:a:horizoncloud:caterease:16.0.1.1663
-
cpe:2.3:a:horizoncloud:caterease:24.0.1.2405