CVE-2024-6266

A vulnerability classified as critical has been found in Pear Admin Boot up to 2.0.2. Affected is an unknown function of the file /system/dictData/loadDictItem. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-269478 is the identifier assigned to this vulnerability.
References
Link Resource
https://gitee.com/pear-admin/Pear-Admin-Boot/issues/IA5K2M Exploit Vendor Advisory
https://vuldb.com/?ctiid.269478 Permissions Required VDB Entry
https://vuldb.com/?id.269478 Permissions Required VDB Entry
https://gitee.com/pear-admin/Pear-Admin-Boot/issues/IA5K2M Exploit Vendor Advisory
https://vuldb.com/?ctiid.269478 Permissions Required VDB Entry
https://vuldb.com/?id.269478 Permissions Required VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:pearadmin:pear_admin_boot:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-06-23 03:15

Updated : 2024-11-21 09:49


NVD link : CVE-2024-6266

Mitre link : CVE-2024-6266

CVE.ORG link : CVE-2024-6266


JSON object : View

Products Affected

pearadmin

  • pear_admin_boot
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')