CVE-2024-48814

High CVSS: 7.5

SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function

Vendor

Silverpeas

Product

Silverpeas

CWE

CWE-89

Yayın Tarihi

2025-01-03 15:15:10

Güncelleme

2025-05-28 20:15:50

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Silverpeas HIGH Silverpeas 2025

Referanslar

https://gist.github.com/SubZ3r0-0x01/7150f7cbc3b7d810adb221cae3d08fc8 https://github.com/Silverpeas/Silverpeas-Components/pull/859 https://github.com/Silverpeas/Silverpeas-Core/pull/1353

Benzer Kayıtlar

Medium

CVE-2025-46047

A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows…

Medium

CVE-2025-45055

Silverpeas 6.4.2 contains a stored cross-site scripting (XSS) vulnerability in the event management module. An authentic…

Medium

CVE-2024-56923

Stored Cross-Site Scripting (XSS) Vulnerability in the Categorization Option of My Subscriptions Functionality in Silver…