Vulnerability Details CVE-2024-57151
SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allows a remote attacker to execute arbitrary code via the inputAction.php file and the saveAjax function
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.2%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2024-57151
-
cpe:2.3:a:rockoa:xinhu:2.1.9
-
cpe:2.3:a:rockoa:xinhu:2.2.1
-
cpe:2.3:a:rockoa:xinhu:2.3.2
-
cpe:2.3:a:rockoa:xinhu:2.3.3
-
cpe:2.3:a:rockoa:xinhu:2.3.5
-
cpe:2.3:a:rockoa:xinhu:2.3.6
-
cpe:2.3:a:rockoa:xinhu:2.3.7
-
cpe:2.3:a:rockoa:xinhu:2.3.8
-
cpe:2.3:a:rockoa:xinhu:2.3.9
-
cpe:2.3:a:rockoa:xinhu:2.5.0
-
cpe:2.3:a:rockoa:xinhu:2.5.1
-
cpe:2.3:a:rockoa:xinhu:2.5.3
-
cpe:2.3:a:rockoa:xinhu:2.5.5
-
cpe:2.3:a:rockoa:xinhu:2.5.6
-
cpe:2.3:a:rockoa:xinhu:2.5.9
-
cpe:2.3:a:rockoa:xinhu:2.6.2
-
cpe:2.3:a:rockoa:xinhu:2.6.3
-
cpe:2.3:a:rockoa:xinhu:2.6.5