witmy my-springsecurity-plus har 2024-07-04 /api/dept/build params.dataScope SQL Injection

CVSS Meta Temp ScoreGarga na exploit ndiyam (≈)CTI Nganji Score
7.3$0-$5k0.00

Gundumabayani

Hakika vulnerability da aka rarraba a matsayin kura an gano a witmy my-springsecurity-plus har 2024-07-04. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil /api/dept/build, a cikin sashi $software_component. Wuro manipulation of the argument params.dataScope ga SQL Injection. Ana kiran wannan rauni da CVE-2024-6680. Ngam yiɗi ka a tuma ndiyam ka nder layi. Kuma, akwai exploit. Entry ɗin nan yana da duplicate CVE-2024-40541 da aka haɗa masa. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Furɗebayani

Hakika vulnerability da aka rarraba a matsayin kura an gano a witmy my-springsecurity-plus har 2024-07-04. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil /api/dept/build, a cikin sashi $software_component. Wuro manipulation of the argument params.dataScope ga SQL Injection. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-89. Lalle, rauni an sanar da shi da IAAH8A. Ana samun bayanin tsaro don saukewa a gitee.com.

Ana kiran wannan rauni da CVE-2024-6680. Ngam yiɗi ka a tuma ndiyam ka nder layi. Bayani na fasaha ga. Wannan vulnerability ɗin ba a san shi sosai ba. Kuma, akwai exploit. Exploit ɗin an bayyana wa jama'a, za a iya amfani da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.

Á yí huɗɗi-na-gaskiya. Za a iya samun exploit a gitee.com.

Entry ɗin nan yana da duplicate CVE-2024-40541 da aka haɗa masa. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Kayanbayani

Ngilabe

Sunu

Furɗe

Webseite

CPE 2.3bayani

CPE 2.2bayani

CVSSv4bayani

VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍

CNA CVSS-B Score: 🔍
CNA CVSS-BT Score: 🔍
CNA Furɗo: 🔍

CVSSv3bayani

VulDB Meta Base Score: 7.5
VulDB Meta Temp Score: 7.3

VulDB Ganda Borno: 6.3
VulDB Temp Score: 5.7
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍

NVD Ganda Borno: 9.8
NVD Furɗo: 🔍

CNA Ganda Borno: 6.3
CNA Furɗo: 🔍

CVSSv2bayani

AVACAuCIA
💳💳💳💳💳💳
💳💳💳💳💳💳
💳💳💳💳💳💳
VektarKumpleksitiAuthentisierungKariyandiGaskiyaGashina
furufurufurufurufurufuru
furufurufurufurufurufuru
furufurufurufurufurufuru

VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍

Gargajiyabayani

Klasu: SQL Injection
CWE: CWE-89 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍

Fizikal: Ayi
Gumti: Ayi
Gana: Ee

Gashina: 🔍
Gada: Kàndíga
Halitta: Huɗɗi-na-gaskiya
Dawunload: 🔍

EPSS Score: 🔍
EPSS Percentile: 🔍

Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍

0-Dayfurufurufurufuru
Lalefurufurufurufuru

Bayani na barazanabayani

Ngam: 🔍
Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍

Kari gamjibayani

Garga: Kumari ndiyam shikena
Halitta: 🔍

0-Day Gana: 🔍

Waktin layibayani

07/11/2024 🔍
07/11/2024 +0 Hənde 🔍
10/10/2025 +456 Hənde 🔍

Ngizimbayani

Kayan: gitee.com

Gargaaji: IAAH8A
Halitta: A wondi feere

CVE: CVE-2024-6680 (🔍)
CVE Dublikat: 🔍
GCVE (CVE): GCVE-0-2024-6680
GCVE (VulDB): GCVE-100-271153
scip Labs: https://www.scip.ch/en/?labs.20161013

Gumtibayani

Súgá: 07/11/2024 10:56
Gargadi: 10/10/2025 18:13
Goyarwa: 07/11/2024 10:56 (56), 07/12/2024 18:16 (1), 10/10/2025 18:13 (42)
Gadankam: 🔍
Cache ID: 253:529:103

Ganaaji

A ga wuroyo kulu. Kàlàmbe: kr + en.

Ngam loga ka, kanyi shidin dum.

GurɗoGumtiGada

Interested in the pricing of exploits?

See the underground prices here!