CVE-2024-7327 in RockOAinformazioni

Riassunto

di MITRE • 01/08/2024

A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsabile

VulDB

Divulgazione

01/08/2024

Moderazione

accettato

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.00514

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!