How severe is CVE-2024-1784?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2024-1784?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2024-1784

MEDIUM Year: 2024

CVSS v3 Score

6.6

Medium

CVSS v2 Score

3.7

Low

Weakness Type

CWE-89

View all →

Vulnerability Description

A vulnerability classified as problematic was found in Limbas 5.2.14. Affected by this vulnerability is an unknown functionality of the file main_admin.php. The manipulation of the argument tab_group leads to sql injection. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254575. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2020-6114

MEDIUM

CVSS:6.6(Medium)

An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request c...

CWE-892020

CVE-2021-24345

MEDIUM

CVSS:6.6(Medium)

The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before ...

CWE-892021

CVE-2022-21210

MEDIUM

CVSS:6.6(Medium)

An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authen...

CWE-892022

CVE-2023-38221

MEDIUM

CVSS:6.6(Medium)

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an S...

CWE-892023