Crmeb Java SQL Injection Vulnerability
CVE-2024-24110

Currently unrated

Key Information:

Vendor: crmeb_java
Vendor: CVE Published:; 21 March 2024

What is CVE-2024-24110?

SQL Injection vulnerability in crmeb_java before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to the component /api/front/spread/people.

References

https://github.com/crmeb/crmeb_java/issues/13

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 21, 2024
Vulnerability Reserved
Jan 25, 2024