Sizam REHub Framework SQL Injection Vulnerability
CVE-2024-31234

8.5HIGH

Key Information:

Vendor: WordPress
Status: Rehub Framework
Vendor: CVE Published:; 7 April 2024

What is CVE-2024-31234?

The vulnerability in the Sizam REHub Framework is characterized by improper neutralization of special elements utilized in SQL commands, leading to an SQL injection flaw. This issue, which impacts versions of the REHub Framework before 19.6.2, poses a significant risk by allowing attackers to manipulate database queries. Exploitation could potentially enable unauthorized access to sensitive data, inject malicious SQL code, or compromise the overall integrity of the application. Organizations using affected versions should prioritize updates and implement necessary security measures to safeguard against potential breaches.

Affected Version(s)

REHub Framework < 19.6.2

References

https://patchstack.com/database/vulnerability/rehub-frame...

vdb-entry

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 7, 2024
Vulnerability Reserved
Mar 29, 2024

Credit

Rafie Muhammad (Patchstack)