SQL Injection Vulnerability in Jinher Network Collaborative Management Platform
CVE-2024-11060

Currently unrated

Key Information:

Vendor: Jinher Network Collaborative Management Platform
Vendor: CVE Published:; 11 November 2024

🔔 Create Jinher Network Collaborative Management Platform Vulnerability Alert

What is CVE-2024-11060?

A serious SQL injection vulnerability has been identified in Jinher Network Collaborative Management Platform version 1.0, specifically within the AcceptShow.aspx function. This vulnerability allows an attacker to manipulate the 'id' parameter, enabling unauthorized SQL queries against the database. Such manipulation can lead to significant data breaches, allowing the attacker to gain access to sensitive information. Importantly, this vulnerability can be exploited remotely, increasing its potential impact on vulnerable systems. With the exploit details already disclosed, immediate action is imperative to mitigate risks associated with this security flaw.

References

https://vuldb.com/?id.283806

https://vuldb.com/?ctiid.283806

https://vuldb.com/?submit.440344

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2024

CVE-2024-11060 Data

JSON