CVE-2024-10594 – ESAflenet CDG SQL Injection Vulnerability

10月 31, 2024
10:16 pm

CVE ID : CVE-2024-10594

Published : Oct. 31, 2024, 9:15 p.m. | 1 hour, 1 minute ago

Description : A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function docHistory of the file /com/esafenet/servlet/fileManagement/FileDirectoryService.java. The manipulation of the argument fileId leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-10594 – ESAflenet CDG SQL Injection Vulnerability

Elvescore.io

Recent Posts

CVE-2025-22275 – iTerm2 Information Disclosure

CVE-2024-11624 – “VPN App Vulnerability – Undeclared Permission Privilege Escalation”

CVE-2024-47032 – LWIS Memory Corruption Vulnerability

CVE-2024-53833 – Apache LWis Out-of-Bounds Write Local Privilege Escalation

CVE-2024-53834 – Android SMS to-string Out-of-Bounds Read Vulnerability

CVE-2024-53835 – Apache Biometric Bypass Privilege Escalation Vulnerability

CVE-2024-10594 – ESAflenet CDG SQL Injection Vulnerability

CVE-2024-10594 – ESAflenet CDG SQL Injection Vulnerability