CVE-2024-33546

CRITICAL Year: 2024
CVSS v3 Score
9.6
Critical
Weakness Type
CWE-89
View all →

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.

Related Vulnerabilities

CVE-2022-0153

CRITICAL
CVSS:9.6(Critical)

SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.

CWE-892022

CVE-2022-1883

CRITICAL
CVSS:9.6(Critical)

SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.

CWE-892022

CVE-2023-39336

CRITICAL
CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve o...

CWE-892023

CVE-2024-29822

CRITICAL
CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

CWE-892024

CVE-2024-29823

CRITICAL
CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

CWE-892024

CVE-2024-29824

CRITICAL
CVSS:9.6(Critical)

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

CWE-892024