1 results (0.001 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24525
https://notcve.org/view.php?id=CVE-2024-24525
29 Feb 2024 — An issue in EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 and 5.4.2 allows a remote attacker to execute arbitrary code via the infoid parameter of the URL. Un problema en EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 y 5.4.2 permite a un atacante remoto ejecutar código arbitrario a través del parámetro infoid de la URL. • https://l3v3lforall.github.io/EpointWebBuilder_v5.x_VULN • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-233: Improper Handling of Parameters •