CVE

CVE-2024-25524

Severity:

Pending analysis

Type:

Unavailable / Other

Publication date:

08/05/2024

Last modified:

08/05/2024

Description

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkPlan/WorkPlanAttachDownLoad.aspx.

References to Advisories, Solutions, and Tools

https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#workplanattachdownloadaspx