ГлавнаяУязвимости → CVE-2024-41512
8.8высокая

CVE-2024-41512

Описание

A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitrary SQL commands via the "bomid" parameter.

Затрагиваемое ПО
4pace Cadclick
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
http://cadclick.de/http://kimweb.de/https://piuswalter.de/blog/multiple-critical-vulnerabilities-in-cadclick/