eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component.
Metrics
Affected Vendors & Products
References
History
Wed, 25 Sep 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-918 | |
CPEs | cpe:2.3:a:eladmin:eladmin:*:*:*:*:*:*:*:* |
Tue, 10 Sep 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Eladmin
Eladmin eladmin |
|
Weaknesses | CWE-352 | |
CPEs | cpe:2.3:a:eladmin:eladmin:2.7:*:*:*:*:*:*:* | |
Vendors & Products |
Eladmin
Eladmin eladmin |
|
Metrics |
cvssV3_1
|
Tue, 10 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 10 Sep 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-10T00:00:00
Updated: 2024-09-10T18:18:19.434Z
Reserved: 2024-08-21T00:00:00
Link: CVE-2024-44677
Vulnrichment
Updated: 2024-09-10T18:18:12.932Z
NVD
Status : Analyzed
Published: 2024-09-10T16:15:20.373
Modified: 2024-09-25T19:19:24.007
Link: CVE-2024-44677
Redhat
No data.