CVE

CVE-2024-3816

Severity:

Pending analysis

Type:

CWE-89 SQL Injection

Publication date:

28/06/2024

Last modified:

28/06/2024

Description

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar. <br /> Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.

References to Advisories, Solutions, and Tools

https://cert.pl/en/posts/2024/06/CVE-2024-3800
https://cert.pl/posts/2024/06/CVE-2024-3800