How severe is CVE-2024-8705?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2024-8705?

This is classified as CWE-89, which is a common weakness in software security.

CVE-2024-8705 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability was found in Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 and classified as critical. Affected by this issue is the function GetDataKindByType of the file /DataSrvs/UCCGSrv.asmx. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2005-4349

MEDIUM

CVSS:6.3(Medium)

SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the...

CWE-892005

CVE-2012-3336

MEDIUM

CVSS:6.3(Medium)

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attack...

CWE-892012

CVE-2015-7791

MEDIUM

CVSS:6.3(Medium)

Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column...

CWE-892015

CVE-2016-2301

MEDIUM

CVSS:6.3(Medium)

SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CWE-892016

CVE-2016-5939

MEDIUM

CVSS:6.3(Medium)

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the ...

CWE-892016

CVE-2017-1722

MEDIUM

CVSS:6.3(Medium)

IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete inform...

CWE-892017